app and domain base class renaming

server/src/main/java/password/pwm/FileLocker.java

@@ -20,7 +20,7 @@
 
 package password.pwm;
 
-import password.pwm.config.Configuration;
+import password.pwm.config.DomainConfig;
 import password.pwm.error.ErrorInformation;
 import password.pwm.error.PwmError;
 import password.pwm.error.PwmUnrecoverableException;
@@ -128,10 +128,10 @@ class FileLocker
     public void waitForFileLock( )
             throws PwmUnrecoverableException
     {
-        final Configuration configuration = pwmEnvironment.getConfig();
+        final DomainConfig domainConfig = pwmEnvironment.getConfig();
         final int maxWaitSeconds = pwmEnvironment.getFlags().contains( PwmEnvironment.ApplicationFlag.CommandLineInstance )
                 ? 1
-                : Integer.parseInt( configuration.readAppProperty( AppProperty.APPLICATION_FILELOCK_WAIT_SECONDS ) );
+                : Integer.parseInt( domainConfig.readAppProperty( AppProperty.APPLICATION_FILELOCK_WAIT_SECONDS ) );
         final Instant startTime = Instant.now();
         final TimeDuration attemptInterval = TimeDuration.of( 5021, TimeDuration.Unit.MILLISECONDS );
 

server/src/main/java/password/pwm/PwmAboutProperty.java

@@ -48,7 +48,7 @@ public enum PwmAboutProperty
     app_startTime( null, pwmApplication -> format( pwmApplication.getStartupTime() ) ),
     app_installTime( null, pwmApplication -> format( pwmApplication.getInstallTime() ) ),
     app_siteUrl( null, pwmApplication -> pwmApplication.getConfig().readSettingAsString( PwmSetting.PWM_SITE_URL ) ),
-    app_instanceID( null, PwmApplication::getInstanceID ),
+    app_instanceID( null, PwmDomain::getInstanceID ),
     app_trialMode( null, pwmApplication -> Boolean.toString( PwmConstants.TRIAL_MODE ) ),
     app_mode_appliance( null, pwmApplication -> Boolean.toString( pwmApplication.getPwmEnvironment().getFlags().contains( PwmEnvironment.ApplicationFlag.Appliance ) ) ),
     app_mode_docker( null, pwmApplication -> Boolean.toString( pwmApplication.getPwmEnvironment().getFlags().contains( PwmEnvironment.ApplicationFlag.Docker ) ) ),
@@ -112,9 +112,9 @@ public enum PwmAboutProperty
             pwmApplication -> pwmApplication.getDatabaseService().getConnectionDebugProperties().get( DatabaseService.DatabaseAboutProperty.databaseProductVersion ) ),;
 
     private final String label;
-    private final transient Function<PwmApplication, String> value;
+    private final transient Function<PwmDomain, String> value;
 
-    PwmAboutProperty( final String label, final Function<PwmApplication, String> value )
+    PwmAboutProperty( final String label, final Function<PwmDomain, String> value )
     {
         this.label = label;
         this.value = value;
@@ -123,19 +123,19 @@ public enum PwmAboutProperty
     private static final PwmLogger LOGGER = PwmLogger.forClass( PwmAboutProperty.class );
 
     public static Map<PwmAboutProperty, String> makeInfoBean(
-            final PwmApplication pwmApplication
+            final PwmDomain pwmDomain
     )
     {
         final Map<String, String> aboutMap = new TreeMap<>();
 
         for ( final PwmAboutProperty pwmAboutProperty : PwmAboutProperty.values() )
         {
-            final Function<PwmApplication, String> valueProvider = pwmAboutProperty.value;
+            final Function<PwmDomain, String> valueProvider = pwmAboutProperty.value;
             if ( valueProvider != null )
             {
                 try
                 {
-                    final String value = valueProvider.apply( pwmApplication );
+                    final String value = valueProvider.apply( pwmDomain );
                     aboutMap.put( pwmAboutProperty.name(), value == null ? "" : value );
                 }
                 catch ( final Throwable t )

server/src/main/java/password/pwm/PwmApplication.java

@@ -20,120 +20,16 @@
 
 package password.pwm;
 
-import com.novell.ldapchai.ChaiUser;
-import com.novell.ldapchai.exception.ChaiUnavailableException;
-import com.novell.ldapchai.provider.ChaiProvider;
-import password.pwm.bean.SessionLabel;
-import password.pwm.bean.SmsItemBean;
-import password.pwm.bean.UserIdentity;
-import password.pwm.config.Configuration;
-import password.pwm.config.PwmSetting;
-import password.pwm.config.stored.StoredConfiguration;
-import password.pwm.config.stored.StoredConfigurationUtil;
-import password.pwm.error.ErrorInformation;
-import password.pwm.error.PwmError;
-import password.pwm.error.PwmException;
 import password.pwm.error.PwmUnrecoverableException;
-import password.pwm.health.HealthMonitor;
-import password.pwm.http.servlet.configeditor.data.SettingDataMaker;
-import password.pwm.http.servlet.peoplesearch.PeopleSearchService;
-import password.pwm.http.servlet.resource.ResourceServletService;
-import password.pwm.http.state.SessionStateService;
-import password.pwm.ldap.LdapConnectionService;
-import password.pwm.ldap.search.UserSearchEngine;
-import password.pwm.svc.PwmService;
-import password.pwm.svc.PwmServiceEnum;
-import password.pwm.svc.PwmServiceManager;
-import password.pwm.svc.cache.CacheService;
-import password.pwm.svc.email.EmailService;
-import password.pwm.svc.event.AuditEvent;
-import password.pwm.svc.event.AuditRecordFactory;
-import password.pwm.svc.event.AuditService;
-import password.pwm.svc.event.SystemAuditRecord;
-import password.pwm.svc.httpclient.HttpClientService;
-import password.pwm.svc.intruder.IntruderManager;
-import password.pwm.svc.intruder.RecordType;
-import password.pwm.svc.node.NodeService;
-import password.pwm.svc.pwnotify.PwNotifyService;
-import password.pwm.svc.report.ReportService;
-import password.pwm.svc.sessiontrack.SessionTrackService;
-import password.pwm.svc.sessiontrack.UserAgentUtils;
-import password.pwm.svc.shorturl.UrlShortenerService;
-import password.pwm.svc.stats.Statistic;
-import password.pwm.svc.stats.StatisticsManager;
-import password.pwm.svc.token.TokenService;
-import password.pwm.svc.wordlist.SeedlistService;
-import password.pwm.svc.wordlist.SharedHistoryManager;
-import password.pwm.svc.wordlist.WordlistService;
-import password.pwm.util.DailySummaryJob;
-import password.pwm.util.MBeanUtility;
-import password.pwm.util.PasswordData;
-import password.pwm.util.PwmScheduler;
-import password.pwm.util.cli.commands.ExportHttpsTomcatConfigCommand;
-import password.pwm.util.db.DatabaseAccessor;
-import password.pwm.util.db.DatabaseService;
-import password.pwm.util.java.FileSystemUtility;
-import password.pwm.util.java.JavaHelper;
-import password.pwm.util.java.JsonUtil;
-import password.pwm.util.java.StringUtil;
-import password.pwm.util.java.TimeDuration;
-import password.pwm.util.localdb.LocalDB;
-import password.pwm.util.localdb.LocalDBFactory;
-import password.pwm.util.logging.LocalDBLogger;
-import password.pwm.util.logging.PwmLogLevel;
-import password.pwm.util.logging.PwmLogManager;
 import password.pwm.util.logging.PwmLogger;
-import password.pwm.util.macro.MacroRequest;
-import password.pwm.util.operations.CrService;
-import password.pwm.util.operations.OtpService;
-import password.pwm.util.queue.SmsQueueManager;
-import password.pwm.util.secure.HttpsServerCertificateManager;
-import password.pwm.util.secure.PwmRandom;
-import password.pwm.util.secure.SecureService;
 
-import java.io.ByteArrayOutputStream;
-import java.io.File;
-import java.io.FileInputStream;
-import java.io.FileOutputStream;
-import java.io.IOException;
-import java.io.Serializable;
-import java.security.KeyStore;
-import java.time.Instant;
-import java.util.ArrayList;
-import java.util.Collections;
-import java.util.List;
-import java.util.Locale;
-import java.util.Map;
-import java.util.Optional;
-import java.util.concurrent.ExecutorService;
-import java.util.concurrent.atomic.AtomicInteger;
-import java.util.function.Function;
-import java.util.function.Supplier;
-
-/**
- * A repository for objects common to the servlet context.  A singleton
- * of this object is stored in the servlet context.
- *
- * @author Jason D. Rivard
- */
 public class PwmApplication
 {
     private static final PwmLogger LOGGER = PwmLogger.forClass( PwmApplication.class );
     private static final String DEFAULT_INSTANCE_ID = "-1";
 
-    private final Instant startupTime = Instant.now();
-    private final AtomicInteger activeServletRequests = new AtomicInteger( 0 );
-    private final PwmServiceManager pwmServiceManager = new PwmServiceManager();
 
-    private Instant installTime = Instant.now();
-    private ErrorInformation lastLocalDBFailure;
     private PwmEnvironment pwmEnvironment;
-    private FileLocker fileLocker;
-    private PwmScheduler pwmScheduler;
-    private String instanceID = DEFAULT_INSTANCE_ID;
-    private String runtimeNonce = PwmRandom.getInstance().randomUUID().toString();
-    private LocalDB localDB;
-    private LocalDBLogger localDBLogger;
 
     public PwmApplication( final PwmEnvironment pwmEnvironment )
             throws PwmUnrecoverableException
@@ -141,15 +37,7 @@ public class PwmApplication
         this.pwmEnvironment = pwmEnvironment;
         pwmEnvironment.verifyIfApplicationPathIsSetProperly();
 
-        try
-        {
-            initialize();
-        }
-        catch ( final PwmUnrecoverableException e )
-        {
-            LOGGER.fatal( e::getMessage );
-            throw e;
-        }
+
     }
 
     public static PwmApplication createPwmApplication( final PwmEnvironment pwmEnvironment ) throws PwmUnrecoverableException
@@ -157,890 +45,5 @@ public class PwmApplication
         return new PwmApplication( pwmEnvironment );
     }
 
-    private void initialize( )
-            throws PwmUnrecoverableException
-    {
-        final Instant startTime = Instant.now();
-
-        // initialize log4j
-        if ( !pwmEnvironment.isInternalRuntimeInstance() && !pwmEnvironment.getFlags().contains( PwmEnvironment.ApplicationFlag.CommandLineInstance ) )
-        {
-            final String log4jFileName = pwmEnvironment.getConfig().readSettingAsString( PwmSetting.EVENTS_JAVA_LOG4JCONFIG_FILE );
-            final File log4jFile = FileSystemUtility.figureFilepath( log4jFileName, pwmEnvironment.getApplicationPath() );
-            final String consoleLevel;
-            final String fileLevel;
-
-            switch ( getApplicationMode() )
-            {
-                case ERROR:
-                case NEW:
-                    consoleLevel = PwmLogLevel.TRACE.toString();
-                    fileLevel = PwmLogLevel.TRACE.toString();
-                    break;
-
-                default:
-                    consoleLevel = pwmEnvironment.getConfig().readSettingAsString( PwmSetting.EVENTS_JAVA_STDOUT_LEVEL );
-                    fileLevel = pwmEnvironment.getConfig().readSettingAsString( PwmSetting.EVENTS_FILE_LEVEL );
-                    break;
-            }
-
-            PwmLogManager.initializeLogger( this, pwmEnvironment.getConfig(), log4jFile, consoleLevel, pwmEnvironment.getApplicationPath(), fileLevel );
-
-            switch ( getApplicationMode() )
-            {
-                case RUNNING:
-                    break;
-
-                case ERROR:
-                    LOGGER.fatal( () -> "starting up in ERROR mode! Check log or health check information for cause" );
-                    break;
-
-                default:
-                    LOGGER.trace( () -> "setting log level to TRACE because application mode is " + getApplicationMode() );
-                    break;
-            }
-        }
-
-        // get file lock
-        if ( !pwmEnvironment.isInternalRuntimeInstance() )
-        {
-            fileLocker = new FileLocker( pwmEnvironment );
-            fileLocker.waitForFileLock();
-        }
-
-        // clear temp dir
-        if ( !pwmEnvironment.isInternalRuntimeInstance() )
-        {
-            final File tempFileDirectory = getTempDirectory();
-            try
-            {
-                FileSystemUtility.deleteDirectoryContents( tempFileDirectory );
-            }
-            catch ( final Exception e )
-            {
-                throw new PwmUnrecoverableException( new ErrorInformation( PwmError.ERROR_STARTUP_ERROR,
-                        "unable to clear temp file directory '" + tempFileDirectory.getAbsolutePath() + "', error: " + e.getMessage()
-                ) );
-            }
-        }
-
-        if ( getApplicationMode() != PwmApplicationMode.READ_ONLY )
-        {
-            LOGGER.info( () -> "initializing, application mode=" + getApplicationMode()
-                    + ", applicationPath=" + ( pwmEnvironment.getApplicationPath() == null ? "null" : pwmEnvironment.getApplicationPath().getAbsolutePath() )
-                    + ", configFile=" + ( pwmEnvironment.getConfigurationFile() == null ? "null" : pwmEnvironment.getConfigurationFile().getAbsolutePath() )
-            );
-        }
-
-        if ( !pwmEnvironment.isInternalRuntimeInstance() )
-        {
-            if ( getApplicationMode() == PwmApplicationMode.ERROR )
-            {
-                LOGGER.warn( () -> "skipping LocalDB open due to application mode " + getApplicationMode() );
-            }
-            else
-            {
-                if ( localDB == null )
-                {
-                    this.localDB = Initializer.initializeLocalDB( this, pwmEnvironment );
-                }
-            }
-        }
-
-        this.localDBLogger = PwmLogManager.initializeLocalDBLogger( this );
-
-        // log the loaded configuration
-        LOGGER.debug( () -> "configuration load completed" );
-
-        // read the pwm servlet instance id
-        instanceID = fetchInstanceID( localDB, this );
-        LOGGER.debug( () -> "using '" + getInstanceID() + "' for instance's ID (instanceID)" );
-
-        // read the pwm installation date
-        installTime = fetchInstallDate( startupTime );
-        LOGGER.debug( () -> "this application instance first installed on " + JavaHelper.toIsoDate( installTime ) );
-
-        LOGGER.debug( () -> "application environment flags: " + JsonUtil.serializeCollection( pwmEnvironment.getFlags() ) );
-        LOGGER.debug( () -> "application environment parameters: " + JsonUtil.serializeMap( pwmEnvironment.getParameters() ) );
-
-        pwmScheduler = new PwmScheduler( getInstanceID() );
-
-        pwmServiceManager.initAllServices( this );
-
-        final boolean skipPostInit = pwmEnvironment.isInternalRuntimeInstance()
-                || pwmEnvironment.getFlags().contains( PwmEnvironment.ApplicationFlag.CommandLineInstance );
-
-        if ( !skipPostInit )
-        {
-            final TimeDuration totalTime = TimeDuration.fromCurrent( startTime );
-            LOGGER.info( () -> PwmConstants.PWM_APP_NAME + " " + PwmConstants.SERVLET_VERSION + " open for bidness! (" + totalTime.asCompactString() + ")" );
-            StatisticsManager.incrementStat( this, Statistic.PWM_STARTUPS );
-            LOGGER.debug( () -> "buildTime=" + PwmConstants.BUILD_TIME + ", javaLocale=" + Locale.getDefault() + ", DefaultLocale=" + PwmConstants.DEFAULT_LOCALE );
-
-            pwmScheduler.immediateExecuteInNewThread( this::postInitTasks, this.getClass().getSimpleName() + " postInit tasks" );
-        }
-    }
-
-    public void reInit( final PwmEnvironment pwmEnvironment )
-            throws PwmException
-    {
-        final Instant startTime = Instant.now();
-        LOGGER.debug( () -> "beginning application restart" );
-        shutdown( true );
-        this.pwmEnvironment = pwmEnvironment;
-        initialize();
-        runtimeNonce = PwmRandom.getInstance().randomUUID().toString();
-        LOGGER.debug( () -> "completed application restart", () -> TimeDuration.fromCurrent( startTime ) );
-    }
-
-    private void postInitTasks( )
-    {
-        final Instant startTime = Instant.now();
-
-        getPwmScheduler().immediateExecuteInNewThread( UserAgentUtils::initializeCache, "initialize useragent cache" );
-        getPwmScheduler().immediateExecuteInNewThread( SettingDataMaker::initializeCache, "initialize PwmSetting metadata" );
-
-        outputConfigurationToLog( this );
-
-        outputNonDefaultPropertiesToLog( this );
-
-        // send system audit event
-        try
-        {
-            final SystemAuditRecord auditRecord = new AuditRecordFactory( this ).createSystemAuditRecord(
-                    AuditEvent.STARTUP,
-                    null
-            );
-            getAuditManager().submit( null, auditRecord );
-        }
-        catch ( final PwmException e )
-        {
-            LOGGER.warn( () -> "unable to submit start alert event " + e.getMessage() );
-        }
-
-        try
-        {
-            final Map<PwmAboutProperty, String> infoMap = PwmAboutProperty.makeInfoBean( this );
-            LOGGER.trace( () ->  "application info: " + JsonUtil.serializeMap( infoMap ) );
-        }
-        catch ( final Exception e )
-        {
-            LOGGER.error( () -> "error generating about application bean: " + e.getMessage(), e );
-        }
-
-        try
-        {
-            this.getIntruderManager().clear( RecordType.USERNAME, PwmConstants.CONFIGMANAGER_INTRUDER_USERNAME );
-        }
-        catch ( final Exception e )
-        {
-            LOGGER.warn( () -> "error while clearing configmanager-intruder-username from intruder table: " + e.getMessage() );
-        }
-
-        if ( !pwmEnvironment.isInternalRuntimeInstance() )
-        {
-            try
-            {
-                outputKeystore( this );
-            }
-            catch ( final Exception e )
-            {
-                LOGGER.debug( () -> "error while generating keystore output: " + e.getMessage() );
-            }
-
-            try
-            {
-                outputTomcatConf( this );
-            }
-            catch ( final Exception e )
-            {
-                LOGGER.debug( () -> "error while generating tomcat conf output: " + e.getMessage() );
-            }
-        }
-
-        MBeanUtility.registerMBean( this );
-
-        {
-            final ExecutorService executorService = PwmScheduler.makeSingleThreadExecutorService( this, PwmApplication.class );
-            pwmScheduler.scheduleDailyZuluZeroStartJob( new DailySummaryJob( this ), executorService, TimeDuration.ZERO );
-        }
-
-        LOGGER.trace( () -> "completed post init tasks", () -> TimeDuration.fromCurrent( startTime ) );
-    }
-
-    private static void outputKeystore( final PwmApplication pwmApplication ) throws Exception
-    {
-        final Map<PwmEnvironment.ApplicationParameter, String> applicationParams = pwmApplication.getPwmEnvironment().getParameters();
-        final String keystoreFileString = applicationParams.get( PwmEnvironment.ApplicationParameter.AutoExportHttpsKeyStoreFile );
-        if ( keystoreFileString != null && !keystoreFileString.isEmpty() )
-        {
-            LOGGER.trace( () -> "attempting to output keystore as configured by environment parameters to " + keystoreFileString );
-            final File keyStoreFile = new File( keystoreFileString );
-            final String password = applicationParams.get( PwmEnvironment.ApplicationParameter.AutoExportHttpsKeyStorePassword );
-            final String alias = applicationParams.get( PwmEnvironment.ApplicationParameter.AutoExportHttpsKeyStoreAlias );
-            final KeyStore keyStore = HttpsServerCertificateManager.keyStoreForApplication( pwmApplication, new PasswordData( password ), alias );
-            final ByteArrayOutputStream outputContents = new ByteArrayOutputStream();
-            keyStore.store( outputContents, password.toCharArray() );
-            if ( keyStoreFile.exists() )
-            {
-                LOGGER.trace( () -> "deleting existing keystore file " + keyStoreFile.getAbsolutePath() );
-                if ( keyStoreFile.delete() )
-                {
-                    LOGGER.trace( () -> "deleted existing keystore file: " + keyStoreFile.getAbsolutePath() );
-                }
-            }
-
-            try ( FileOutputStream fileOutputStream = new FileOutputStream( keyStoreFile ) )
-            {
-                fileOutputStream.write( outputContents.toByteArray() );
-            }
-
-            LOGGER.info( () -> "successfully exported application https key to keystore file " + keyStoreFile.getAbsolutePath() );
-        }
-    }
-
-    private static void outputTomcatConf( final PwmApplication pwmApplication ) throws IOException
-    {
-        final Map<PwmEnvironment.ApplicationParameter, String> applicationParams = pwmApplication.getPwmEnvironment().getParameters();
-        final String tomcatOutputFileStr = applicationParams.get( PwmEnvironment.ApplicationParameter.AutoWriteTomcatConfOutputFile );
-        if ( tomcatOutputFileStr != null && !tomcatOutputFileStr.isEmpty() )
-        {
-            LOGGER.trace( () -> "attempting to output tomcat configuration file as configured by environment parameters to " + tomcatOutputFileStr );
-            final File tomcatOutputFile = new File( tomcatOutputFileStr );
-            final File tomcatSourceFile;
-            {
-                final String tomcatSourceFileStr = applicationParams.get( PwmEnvironment.ApplicationParameter.AutoWriteTomcatConfSourceFile );
-                if ( tomcatSourceFileStr != null && !tomcatSourceFileStr.isEmpty() )
-                {
-                    tomcatSourceFile = new File( tomcatSourceFileStr );
-                    if ( !tomcatSourceFile.exists() )
-                    {
-                        LOGGER.error( () -> "can not output tomcat configuration file, source file does not exist: " + tomcatSourceFile.getAbsolutePath() );
-                        return;
-                    }
-                }
-                else
-                {
-                    LOGGER.error( () -> "can not output tomcat configuration file, source file parameter '"
-                            + PwmEnvironment.ApplicationParameter.AutoWriteTomcatConfSourceFile.toString() + "' is not specified." );
-                    return;
-                }
-            }
-
-            final ByteArrayOutputStream outputContents = new ByteArrayOutputStream();
-            try ( FileInputStream fileInputStream = new FileInputStream( tomcatOutputFile ) )
-            {
-                ExportHttpsTomcatConfigCommand.TomcatConfigWriter.writeOutputFile(
-                        pwmApplication.getConfig(),
-                        fileInputStream,
-                        outputContents
-                );
-            }
-
-            if ( tomcatOutputFile.exists() )
-            {
-                LOGGER.trace( () -> "deleting existing tomcat configuration file " + tomcatOutputFile.getAbsolutePath() );
-                if ( tomcatOutputFile.delete() )
-                {
-                    LOGGER.trace( () -> "deleted existing tomcat configuration file: " + tomcatOutputFile.getAbsolutePath() );
-                }
-            }
-
-            try ( FileOutputStream fileOutputStream = new FileOutputStream( tomcatOutputFile ) )
-            {
-                fileOutputStream.write( outputContents.toByteArray() );
-            }
-
-            LOGGER.info( () -> "successfully wrote tomcat configuration to file " + tomcatOutputFile.getAbsolutePath() );
-        }
-    }
-
-    private static void outputConfigurationToLog( final PwmApplication pwmApplication )
-    {
-        final Instant startTime = Instant.now();
-
-        final Function<Map.Entry<String, String>, String> valueFormatter = entry ->
-        {
-            final String spacedValue = entry.getValue().replace( "\n", "\n   " );
-            return " " + entry.getKey() + "\n   " + spacedValue + "\n";
-        };
-
-        final StoredConfiguration storedConfiguration = pwmApplication.getConfig().getStoredConfiguration();
-        final Map<String, String> debugStrings = StoredConfigurationUtil.makeDebugMap( storedConfiguration, storedConfiguration.modifiedItems(), PwmConstants.DEFAULT_LOCALE );
-
-        LOGGER.trace( () -> "--begin current configuration output--" );
-        debugStrings.entrySet().stream()
-                .map( valueFormatter )
-                .map( s -> ( Supplier<CharSequence> ) () -> s )
-                .forEach( LOGGER::trace );
-        LOGGER.trace( () -> "--end current configuration output--", () -> TimeDuration.fromCurrent( startTime ) );
-    }
-
-    private static void outputNonDefaultPropertiesToLog( final PwmApplication pwmApplication )
-    {
-        final Instant startTime = Instant.now();
-
-        final Map<AppProperty, String> nonDefaultProperties = pwmApplication.getConfig().readAllNonDefaultAppProperties();
-        if ( !JavaHelper.isEmpty( nonDefaultProperties ) )
-        {
-            LOGGER.trace( () -> "--begin non-default app properties output--" );
-            nonDefaultProperties.entrySet().stream()
-                    .map( entry -> "AppProperty: " + entry.getKey().getKey() + " -> " + entry.getValue() )
-                    .map( s -> ( Supplier<CharSequence> ) () -> s )
-                    .forEach( LOGGER::trace );
-            LOGGER.trace( () -> "--end non-default app properties output--", () -> TimeDuration.fromCurrent( startTime ) );
-        }
-        else
-        {
-            LOGGER.trace( () -> "no non-default app properties in configuration" );
-
-        }
-    }
-
-    public String getInstanceID( )
-    {
-        return instanceID;
-    }
-
-    public SharedHistoryManager getSharedHistoryManager( )
-    {
-        return ( SharedHistoryManager ) pwmServiceManager.getService( PwmServiceEnum.SharedHistoryManager );
-    }
-
-    public IntruderManager getIntruderManager( )
-    {
-        return ( IntruderManager ) pwmServiceManager.getService( PwmServiceEnum.IntruderManager );
-    }
-
-    public ChaiUser getProxiedChaiUser( final UserIdentity userIdentity )
-            throws PwmUnrecoverableException
-    {
-        try
-        {
-            final ChaiProvider proxiedProvider = getProxyChaiProvider( userIdentity.getLdapProfileID() );
-            return proxiedProvider.getEntryFactory().newChaiUser( userIdentity.getUserDN() );
-        }
-        catch ( final ChaiUnavailableException e )
-        {
-            throw PwmUnrecoverableException.fromChaiException( e );
-        }
-    }
-
-    public ChaiProvider getProxyChaiProvider( final String identifier )
-            throws PwmUnrecoverableException
-    {
-        return getLdapConnectionService().getProxyChaiProvider( identifier );
-    }
-
-    public LocalDBLogger getLocalDBLogger( )
-    {
-        return localDBLogger;
-    }
-
-    public HealthMonitor getHealthMonitor( )
-    {
-        return ( HealthMonitor ) pwmServiceManager.getService( PwmServiceEnum.HealthMonitor );
-    }
-
-    public HttpClientService getHttpClientService()
-    {
-        return ( HttpClientService ) pwmServiceManager.getService( PwmServiceEnum.HttpClientService );
-    }
-
-    public List<PwmService> getPwmServices( )
-    {
-        final List<PwmService> pwmServices = new ArrayList<>();
-        pwmServices.add( this.localDBLogger );
-        pwmServices.addAll( this.pwmServiceManager.getRunningServices() );
-        pwmServices.remove( null );
-        return Collections.unmodifiableList( pwmServices );
-    }
-
-    public WordlistService getWordlistService( )
-    {
-        return ( WordlistService ) pwmServiceManager.getService( PwmServiceEnum.WordlistManager );
-    }
-
-    public SeedlistService getSeedlistManager( )
-    {
-        return ( SeedlistService ) pwmServiceManager.getService( PwmServiceEnum.SeedlistManager );
-    }
-
-    public ReportService getReportService( )
-    {
-        return ( ReportService ) pwmServiceManager.getService( PwmServiceEnum.ReportService );
-    }
-
-    public EmailService getEmailQueue( )
-    {
-        return ( EmailService ) pwmServiceManager.getService( PwmServiceEnum.EmailQueueManager );
-    }
-
-    public AuditService getAuditManager( )
-    {
-        return ( AuditService ) pwmServiceManager.getService( PwmServiceEnum.AuditService );
-    }
-
-    public SmsQueueManager getSmsQueue( )
-    {
-        return ( SmsQueueManager ) pwmServiceManager.getService( PwmServiceEnum.SmsQueueManager );
-    }
-
-    public PwNotifyService getPwNotifyService( )
-    {
-        return ( PwNotifyService ) pwmServiceManager.getService( PwmServiceEnum.PwExpiryNotifyService );
-    }
-
-    public UrlShortenerService getUrlShortener( )
-    {
-        return ( UrlShortenerService ) pwmServiceManager.getService( PwmServiceEnum.UrlShortenerService );
-    }
-
-    public UserSearchEngine getUserSearchEngine( )
-    {
-        return ( UserSearchEngine ) pwmServiceManager.getService( PwmServiceEnum.UserSearchEngine );
-    }
-
-    public NodeService getClusterService( )
-    {
-        return ( NodeService ) pwmServiceManager.getService( PwmServiceEnum.ClusterService );
-    }
-
-    public ErrorInformation getLastLocalDBFailure( )
-    {
-        return lastLocalDBFailure;
-    }
-
-    public TokenService getTokenService( )
-    {
-        return ( TokenService ) pwmServiceManager.getService( PwmServiceEnum.TokenService );
-    }
-
-    public LdapConnectionService getLdapConnectionService( )
-    {
-        return ( LdapConnectionService ) pwmServiceManager.getService( PwmServiceEnum.LdapConnectionService );
-    }
-
-    public SessionTrackService getSessionTrackService( )
-    {
-        return ( SessionTrackService ) pwmServiceManager.getService( PwmServiceEnum.SessionTrackService );
-    }
-
-    public ResourceServletService getResourceServletService( )
-    {
-        return ( ResourceServletService ) pwmServiceManager.getService( PwmServiceEnum.ResourceServletService );
-    }
-
-    public PeopleSearchService getPeopleSearchService( )
-    {
-        return ( PeopleSearchService ) pwmServiceManager.getService( PwmServiceEnum.PeopleSearchService );
-    }
-
-    public Configuration getConfig( )
-    {
-        return pwmEnvironment.getConfig();
-    }
-
-    public PwmApplicationMode getApplicationMode( )
-    {
-        return pwmEnvironment.getApplicationMode();
-    }
-
-    public DatabaseAccessor getDatabaseAccessor( )
-
-            throws PwmUnrecoverableException
-    {
-        return getDatabaseService().getAccessor();
-    }
-
-    public DatabaseService getDatabaseService( )
-    {
-        return ( DatabaseService ) pwmServiceManager.getService( PwmServiceEnum.DatabaseService );
-    }
-
-
-    private Instant fetchInstallDate( final Instant startupTime )
-    {
-        if ( localDB != null )
-        {
-            try
-            {
-                final Optional<String> storedDateStr = readAppAttribute( AppAttribute.INSTALL_DATE, String.class );
-                if ( !storedDateStr.isPresent() )
-                {
-                    writeAppAttribute( AppAttribute.INSTALL_DATE, String.valueOf( startupTime.toEpochMilli() ) );
-                }
-                else
-                {
-                    return Instant.ofEpochMilli( Long.parseLong( storedDateStr.get() ) );
-                }
-            }
-            catch ( final Exception e )
-            {
-                LOGGER.error( () -> "error retrieving installation date from localDB: " + e.getMessage() );
-            }
-        }
-        return Instant.now();
-    }
-
-    private String fetchInstanceID( final LocalDB localDB, final PwmApplication pwmApplication )
-    {
-        {
-            final String newInstanceID = pwmApplication.getPwmEnvironment().getParameters().get( PwmEnvironment.ApplicationParameter.InstanceID );
-
-            if ( !StringUtil.isTrimEmpty( newInstanceID ) )
-            {
-                return newInstanceID;
-            }
-        }
-
-        {
-            final Optional<String> optionalStoredInstanceID = readAppAttribute( AppAttribute.INSTANCE_ID, String.class );
-            if ( optionalStoredInstanceID.isPresent() )
-            {
-                final String instanceID = optionalStoredInstanceID.get();
-                if ( !StringUtil.isTrimEmpty( instanceID ) )
-                {
-                    LOGGER.trace( () -> "retrieved instanceID " + instanceID + "" + " from localDB" );
-                    return instanceID;
-                }
-            }
-        }
-
-        final PwmRandom pwmRandom = PwmRandom.getInstance();
-        final String newInstanceID = Long.toHexString( pwmRandom.nextLong() ).toUpperCase();
-        LOGGER.debug( () -> "generated new random instanceID " + newInstanceID );
-
-        if ( localDB != null )
-        {
-            writeAppAttribute( AppAttribute.INSTANCE_ID, newInstanceID );
-        }
-
-        return newInstanceID;
-    }
-
-    public StatisticsManager getStatisticsManager( )
-    {
-        return ( StatisticsManager ) pwmServiceManager.getService( PwmServiceEnum.StatisticsManager );
-    }
-
-    public OtpService getOtpService( )
-    {
-        return ( OtpService ) pwmServiceManager.getService( PwmServiceEnum.OtpService );
-    }
-
-    public CrService getCrService( )
-    {
-        return ( CrService ) pwmServiceManager.getService( PwmServiceEnum.CrService );
-    }
-
-    public SessionStateService getSessionStateService( )
-    {
-        return ( SessionStateService ) pwmServiceManager.getService( PwmServiceEnum.SessionStateSvc );
-    }
-
-
-    public CacheService getCacheService( )
-    {
-        return ( CacheService ) pwmServiceManager.getService( PwmServiceEnum.CacheService );
-    }
-
-    public SecureService getSecureService( )
-    {
-        return ( SecureService ) pwmServiceManager.getService( PwmServiceEnum.SecureService );
-    }
 
-    public void sendSmsUsingQueue(
-            final String to,
-            final String message,
-            final SessionLabel sessionLabel,
-            final MacroRequest macroRequest
-    )
-    {
-        final SmsQueueManager smsQueue = getSmsQueue();
-        if ( smsQueue == null )
-        {
-            LOGGER.error( sessionLabel, () -> "SMS queue is unavailable, unable to send SMS to: " + to );
-            return;
-        }
-
-        final SmsItemBean smsItemBean = new SmsItemBean(
-                macroRequest.expandMacros( to ),
-                macroRequest.expandMacros( message ),
-                sessionLabel
-        );
-
-        try
-        {
-            smsQueue.addSmsToQueue( smsItemBean );
-        }
-        catch ( final PwmUnrecoverableException e )
-        {
-            LOGGER.warn( () -> "unable to add sms to queue: " + e.getMessage() );
-        }
-    }
-
-    public void shutdown( )
-    {
-        shutdown( false );
-    }
-
-    public void shutdown( final boolean keepServicesRunning )
-    {
-        pwmScheduler.shutdown();
-
-        LOGGER.warn( () -> "shutting down" );
-        {
-            // send system audit event
-            try
-            {
-                final SystemAuditRecord auditRecord = new AuditRecordFactory( this ).createSystemAuditRecord(
-                        AuditEvent.SHUTDOWN,
-                        null
-                );
-                if ( getAuditManager() != null )
-                {
-                    getAuditManager().submit( null, auditRecord );
-                }
-            }
-            catch ( final PwmException e )
-            {
-                LOGGER.warn( () -> "unable to submit shutdown alert event " + e.getMessage() );
-            }
-        }
-
-        MBeanUtility.unregisterMBean( this );
-
-        if ( !keepServicesRunning )
-        {
-            pwmServiceManager.shutdownAllServices();
-        }
-
-        if ( localDBLogger != null )
-        {
-            try
-            {
-                localDBLogger.close();
-            }
-            catch ( final Exception e )
-            {
-                LOGGER.error( () -> "error closing localDBLogger: " + e.getMessage(), e );
-            }
-            localDBLogger = null;
-        }
-
-        if ( keepServicesRunning )
-        {
-            LOGGER.trace( () -> "skipping close of LocalDB (restart request)" );
-        }
-        else if ( localDB != null )
-        {
-            try
-            {
-                LOGGER.trace( () -> "beginning close of LocalDB" );
-                localDB.close();
-            }
-            catch ( final Exception e )
-            {
-                LOGGER.fatal( () -> "error closing localDB: " + e, e );
-            }
-            localDB = null;
-        }
-
-        if ( fileLocker != null )
-        {
-            fileLocker.releaseFileLock();
-        }
-
-        LOGGER.info( () -> PwmConstants.PWM_APP_NAME + " " + PwmConstants.SERVLET_VERSION + " closed for bidness, cya!" );
-    }
-
-    public Instant getStartupTime( )
-    {
-        return startupTime;
-    }
-
-    public Instant getInstallTime( )
-    {
-        return installTime;
-    }
-
-    public LocalDB getLocalDB( )
-    {
-        return localDB;
-    }
-
-    private static class Initializer
-    {
-        public static LocalDB initializeLocalDB( final PwmApplication pwmApplication, final PwmEnvironment pwmEnvironment )
-                throws PwmUnrecoverableException
-        {
-            final File databaseDirectory;
-
-            try
-            {
-                final String localDBLocationSetting = pwmApplication.getConfig().readAppProperty( AppProperty.LOCALDB_LOCATION );
-                databaseDirectory = FileSystemUtility.figureFilepath( localDBLocationSetting, pwmApplication.pwmEnvironment.getApplicationPath() );
-            }
-            catch ( final Exception e )
-            {
-                pwmApplication.lastLocalDBFailure = new ErrorInformation( PwmError.ERROR_LOCALDB_UNAVAILABLE, "error locating configured LocalDB directory: " + e.getMessage() );
-                LOGGER.warn( () -> pwmApplication.lastLocalDBFailure.toDebugStr() );
-                throw new PwmUnrecoverableException( pwmApplication.lastLocalDBFailure );
-            }
-
-            LOGGER.debug( () -> "using localDB path " + databaseDirectory );
-
-            // initialize the localDB
-            try
-            {
-                final boolean readOnly = pwmApplication.getApplicationMode() == PwmApplicationMode.READ_ONLY;
-                return LocalDBFactory.getInstance( databaseDirectory, readOnly, pwmEnvironment, pwmApplication.getConfig() );
-            }
-            catch ( final Exception e )
-            {
-                pwmApplication.lastLocalDBFailure = new ErrorInformation( PwmError.ERROR_LOCALDB_UNAVAILABLE, "unable to initialize LocalDB: " + e.getMessage() );
-                LOGGER.warn( () -> pwmApplication.lastLocalDBFailure.toDebugStr() );
-                throw new PwmUnrecoverableException( pwmApplication.lastLocalDBFailure );
-            }
-        }
-    }
-
-    public PwmEnvironment getPwmEnvironment( )
-    {
-        return pwmEnvironment;
-    }
-
-    public String getRuntimeNonce( )
-    {
-        return runtimeNonce;
-    }
-
-    public <T extends Serializable> Optional<T> readAppAttribute( final AppAttribute appAttribute, final Class<T> returnClass )
-    {
-        if ( localDB == null || localDB.status() != LocalDB.Status.OPEN )
-        {
-            LOGGER.debug( () -> "error retrieving key '" + appAttribute.getKey() + "', localDB unavailable: " );
-            return Optional.empty();
-        }
-
-        if ( appAttribute == null )
-        {
-            return Optional.empty();
-        }
-
-        try
-        {
-            final String strValue = localDB.get( LocalDB.DB.PWM_META, appAttribute.getKey() );
-            return Optional.of( JsonUtil.deserialize( strValue, returnClass ) );
-        }
-        catch ( final Exception e )
-        {
-            LOGGER.error( () -> "error retrieving key '" + appAttribute.getKey() + "' value from localDB: " + e.getMessage() );
-        }
-        return Optional.empty();
-    }
-
-    public void writeAppAttribute( final AppAttribute appAttribute, final Serializable value )
-    {
-        if ( localDB == null || localDB.status() != LocalDB.Status.OPEN )
-        {
-            LOGGER.error( () -> "error writing key '" + appAttribute.getKey() + "', localDB unavailable: " );
-            return;
-        }
-
-        if ( appAttribute == null )
-        {
-            return;
-        }
-
-        try
-        {
-            if ( value == null )
-            {
-                localDB.remove( LocalDB.DB.PWM_META, appAttribute.getKey() );
-            }
-            else
-            {
-                final String jsonValue = JsonUtil.serialize( value );
-                localDB.put( LocalDB.DB.PWM_META, appAttribute.getKey(), jsonValue );
-            }
-        }
-        catch ( final Exception e )
-        {
-            LOGGER.error( () -> "error retrieving key '" + appAttribute.getKey() + "' installation date from localDB: " + e.getMessage() );
-            try
-            {
-                localDB.remove( LocalDB.DB.PWM_META, appAttribute.getKey() );
-            }
-            catch ( final Exception e2 )
-            {
-                LOGGER.error( () -> "error removing bogus appAttribute value for key " + appAttribute.getKey() + ", error: " + localDB );
-            }
-        }
-    }
-
-    public File getTempDirectory( ) throws PwmUnrecoverableException
-    {
-        if ( pwmEnvironment.getApplicationPath() == null )
-        {
-            final ErrorInformation errorInformation = new ErrorInformation(
-                    PwmError.ERROR_STARTUP_ERROR,
-                    "unable to establish temp work directory: application path unavailable"
-            );
-            throw new PwmUnrecoverableException( errorInformation );
-        }
-        final File tempDirectory = new File( pwmEnvironment.getApplicationPath() + File.separator + "temp" );
-        if ( !tempDirectory.exists() )
-        {
-            LOGGER.trace( () -> "preparing to create temporary directory " + tempDirectory.getAbsolutePath() );
-            if ( tempDirectory.mkdir() )
-            {
-                LOGGER.debug( () -> "created " + tempDirectory.getAbsolutePath() );
-            }
-            else
-            {
-                LOGGER.debug( () -> "unable to create temporary directory " + tempDirectory.getAbsolutePath() );
-                final ErrorInformation errorInformation = new ErrorInformation(
-                        PwmError.ERROR_STARTUP_ERROR,
-                        "unable to establish create temp work directory " + tempDirectory.getAbsolutePath()
-                );
-                throw new PwmUnrecoverableException( errorInformation );
-            }
-        }
-        return tempDirectory;
-    }
-
-    public boolean determineIfDetailErrorMsgShown( )
-    {
-        final PwmApplicationMode mode = this.getApplicationMode();
-        if ( mode == PwmApplicationMode.CONFIGURATION || mode == PwmApplicationMode.NEW )
-        {
-            return true;
-        }
-        if ( mode == PwmApplicationMode.RUNNING )
-        {
-            if ( this.getConfig() != null )
-            {
-                if ( this.getConfig().readSettingAsBoolean( PwmSetting.DISPLAY_SHOW_DETAILED_ERRORS ) )
-                {
-                    return true;
-                }
-            }
-        }
-        return false;
-    }
-
-    public AtomicInteger getActiveServletRequests( )
-    {
-        return activeServletRequests;
-    }
-
-    public PwmScheduler getPwmScheduler()
-    {
-        return pwmScheduler;
-    }
 }
-
-
-

server/src/main/java/password/pwm/PwmApplicationMode.java

@@ -44,16 +44,16 @@ public enum PwmApplicationMode
             return ERROR;
         }
 
-        final PwmApplication pwmApplication;
+        final PwmDomain pwmDomain;
         try
         {
-            pwmApplication = contextManager.getPwmApplication();
+            pwmDomain = contextManager.getPwmApplication();
         }
         catch ( final Throwable t )
         {
             return ERROR;
         }
 
-        return pwmApplication.getApplicationMode();
+        return pwmDomain.getApplicationMode();
     }
 }

server/src/main/java/password/pwm/PwmDomain.java

@@ -0,0 +1,1045 @@
+/*
+ * Password Management Servlets (PWM)
+ * http://www.pwm-project.org
+ *
+ * Copyright (c) 2006-2009 Novell, Inc.
+ * Copyright (c) 2009-2020 The PWM Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package password.pwm;
+
+import com.novell.ldapchai.ChaiUser;
+import com.novell.ldapchai.exception.ChaiUnavailableException;
+import com.novell.ldapchai.provider.ChaiProvider;
+import password.pwm.bean.SessionLabel;
+import password.pwm.bean.SmsItemBean;
+import password.pwm.bean.UserIdentity;
+import password.pwm.config.DomainConfig;
+import password.pwm.config.PwmSetting;
+import password.pwm.config.stored.StoredConfiguration;
+import password.pwm.config.stored.StoredConfigurationUtil;
+import password.pwm.error.ErrorInformation;
+import password.pwm.error.PwmError;
+import password.pwm.error.PwmException;
+import password.pwm.error.PwmUnrecoverableException;
+import password.pwm.health.HealthMonitor;
+import password.pwm.http.servlet.configeditor.data.SettingDataMaker;
+import password.pwm.http.servlet.peoplesearch.PeopleSearchService;
+import password.pwm.http.servlet.resource.ResourceServletService;
+import password.pwm.http.state.SessionStateService;
+import password.pwm.ldap.LdapConnectionService;
+import password.pwm.ldap.search.UserSearchEngine;
+import password.pwm.svc.PwmService;
+import password.pwm.svc.PwmServiceEnum;
+import password.pwm.svc.PwmServiceManager;
+import password.pwm.svc.cache.CacheService;
+import password.pwm.svc.email.EmailService;
+import password.pwm.svc.event.AuditEvent;
+import password.pwm.svc.event.AuditRecordFactory;
+import password.pwm.svc.event.AuditService;
+import password.pwm.svc.event.SystemAuditRecord;
+import password.pwm.svc.httpclient.HttpClientService;
+import password.pwm.svc.intruder.IntruderManager;
+import password.pwm.svc.intruder.RecordType;
+import password.pwm.svc.node.NodeService;
+import password.pwm.svc.pwnotify.PwNotifyService;
+import password.pwm.svc.report.ReportService;
+import password.pwm.svc.sessiontrack.SessionTrackService;
+import password.pwm.svc.sessiontrack.UserAgentUtils;
+import password.pwm.svc.shorturl.UrlShortenerService;
+import password.pwm.svc.stats.Statistic;
+import password.pwm.svc.stats.StatisticsManager;
+import password.pwm.svc.token.TokenService;
+import password.pwm.svc.wordlist.SeedlistService;
+import password.pwm.svc.wordlist.SharedHistoryManager;
+import password.pwm.svc.wordlist.WordlistService;
+import password.pwm.util.DailySummaryJob;
+import password.pwm.util.MBeanUtility;
+import password.pwm.util.PasswordData;
+import password.pwm.util.PwmScheduler;
+import password.pwm.util.cli.commands.ExportHttpsTomcatConfigCommand;
+import password.pwm.util.db.DatabaseAccessor;
+import password.pwm.util.db.DatabaseService;
+import password.pwm.util.java.FileSystemUtility;
+import password.pwm.util.java.JavaHelper;
+import password.pwm.util.java.JsonUtil;
+import password.pwm.util.java.StringUtil;
+import password.pwm.util.java.TimeDuration;
+import password.pwm.util.localdb.LocalDB;
+import password.pwm.util.localdb.LocalDBFactory;
+import password.pwm.util.logging.LocalDBLogger;
+import password.pwm.util.logging.PwmLogLevel;
+import password.pwm.util.logging.PwmLogManager;
+import password.pwm.util.logging.PwmLogger;
+import password.pwm.util.macro.MacroRequest;
+import password.pwm.util.operations.CrService;
+import password.pwm.util.operations.OtpService;
+import password.pwm.util.queue.SmsQueueManager;
+import password.pwm.util.secure.HttpsServerCertificateManager;
+import password.pwm.util.secure.PwmRandom;
+import password.pwm.util.secure.SecureService;
+
+import java.io.ByteArrayOutputStream;
+import java.io.File;
+import java.io.FileInputStream;
+import java.io.FileOutputStream;
+import java.io.IOException;
+import java.io.Serializable;
+import java.security.KeyStore;
+import java.time.Instant;
+import java.util.ArrayList;
+import java.util.Collections;
+import java.util.List;
+import java.util.Locale;
+import java.util.Map;
+import java.util.Optional;
+import java.util.concurrent.ExecutorService;
+import java.util.concurrent.atomic.AtomicInteger;
+import java.util.function.Function;
+import java.util.function.Supplier;
+
+/**
+ * A repository for objects common to the servlet context.  A singleton
+ * of this object is stored in the servlet context.
+ *
+ * @author Jason D. Rivard
+ */
+public class PwmDomain
+{
+    private static final PwmLogger LOGGER = PwmLogger.forClass( PwmDomain.class );
+    private static final String DEFAULT_INSTANCE_ID = "-1";
+
+    private final Instant startupTime = Instant.now();
+    private final AtomicInteger activeServletRequests = new AtomicInteger( 0 );
+    private final PwmServiceManager pwmServiceManager = new PwmServiceManager();
+
+    private Instant installTime = Instant.now();
+    private ErrorInformation lastLocalDBFailure;
+    private PwmEnvironment pwmEnvironment;
+    private FileLocker fileLocker;
+    private PwmScheduler pwmScheduler;
+    private String instanceID = DEFAULT_INSTANCE_ID;
+    private String runtimeNonce = PwmRandom.getInstance().randomUUID().toString();
+    private LocalDB localDB;
+    private LocalDBLogger localDBLogger;
+
+    public PwmDomain( final PwmEnvironment pwmEnvironment )
+            throws PwmUnrecoverableException
+    {
+        this.pwmEnvironment = pwmEnvironment;
+        pwmEnvironment.verifyIfApplicationPathIsSetProperly();
+
+        try
+        {
+            initialize();
+        }
+        catch ( final PwmUnrecoverableException e )
+        {
+            LOGGER.fatal( e::getMessage );
+            throw e;
+        }
+    }
+
+    public static PwmDomain createPwmApplication( final PwmEnvironment pwmEnvironment ) throws PwmUnrecoverableException
+    {
+        return new PwmDomain( pwmEnvironment );
+    }
+
+    private void initialize( )
+            throws PwmUnrecoverableException
+    {
+        final Instant startTime = Instant.now();
+
+        // initialize log4j
+        if ( !pwmEnvironment.isInternalRuntimeInstance() && !pwmEnvironment.getFlags().contains( PwmEnvironment.ApplicationFlag.CommandLineInstance ) )
+        {
+            final String log4jFileName = pwmEnvironment.getConfig().readSettingAsString( PwmSetting.EVENTS_JAVA_LOG4JCONFIG_FILE );
+            final File log4jFile = FileSystemUtility.figureFilepath( log4jFileName, pwmEnvironment.getApplicationPath() );
+            final String consoleLevel;
+            final String fileLevel;
+
+            switch ( getApplicationMode() )
+            {
+                case ERROR:
+                case NEW:
+                    consoleLevel = PwmLogLevel.TRACE.toString();
+                    fileLevel = PwmLogLevel.TRACE.toString();
+                    break;
+
+                default:
+                    consoleLevel = pwmEnvironment.getConfig().readSettingAsString( PwmSetting.EVENTS_JAVA_STDOUT_LEVEL );
+                    fileLevel = pwmEnvironment.getConfig().readSettingAsString( PwmSetting.EVENTS_FILE_LEVEL );
+                    break;
+            }
+
+            PwmLogManager.initializeLogger( this, pwmEnvironment.getConfig(), log4jFile, consoleLevel, pwmEnvironment.getApplicationPath(), fileLevel );
+
+            switch ( getApplicationMode() )
+            {
+                case RUNNING:
+                    break;
+
+                case ERROR:
+                    LOGGER.fatal( () -> "starting up in ERROR mode! Check log or health check information for cause" );
+                    break;
+
+                default:
+                    LOGGER.trace( () -> "setting log level to TRACE because application mode is " + getApplicationMode() );
+                    break;
+            }
+        }
+
+        // get file lock
+        if ( !pwmEnvironment.isInternalRuntimeInstance() )
+        {
+            fileLocker = new FileLocker( pwmEnvironment );
+            fileLocker.waitForFileLock();
+        }
+
+        // clear temp dir
+        if ( !pwmEnvironment.isInternalRuntimeInstance() )
+        {
+            final File tempFileDirectory = getTempDirectory();
+            try
+            {
+                FileSystemUtility.deleteDirectoryContents( tempFileDirectory );
+            }
+            catch ( final Exception e )
+            {
+                throw new PwmUnrecoverableException( new ErrorInformation( PwmError.ERROR_STARTUP_ERROR,
+                        "unable to clear temp file directory '" + tempFileDirectory.getAbsolutePath() + "', error: " + e.getMessage()
+                ) );
+            }
+        }
+
+        if ( getApplicationMode() != PwmApplicationMode.READ_ONLY )
+        {
+            LOGGER.info( () -> "initializing, application mode=" + getApplicationMode()
+                    + ", applicationPath=" + ( pwmEnvironment.getApplicationPath() == null ? "null" : pwmEnvironment.getApplicationPath().getAbsolutePath() )
+                    + ", configFile=" + ( pwmEnvironment.getConfigurationFile() == null ? "null" : pwmEnvironment.getConfigurationFile().getAbsolutePath() )
+            );
+        }
+
+        if ( !pwmEnvironment.isInternalRuntimeInstance() )
+        {
+            if ( getApplicationMode() == PwmApplicationMode.ERROR )
+            {
+                LOGGER.warn( () -> "skipping LocalDB open due to application mode " + getApplicationMode() );
+            }
+            else
+            {
+                if ( localDB == null )
+                {
+                    this.localDB = Initializer.initializeLocalDB( this, pwmEnvironment );
+                }
+            }
+        }
+
+        this.localDBLogger = PwmLogManager.initializeLocalDBLogger( this );
+
+        // log the loaded configuration
+        LOGGER.debug( () -> "configuration load completed" );
+
+        // read the pwm servlet instance id
+        instanceID = fetchInstanceID( localDB, this );
+        LOGGER.debug( () -> "using '" + getInstanceID() + "' for instance's ID (instanceID)" );
+
+        // read the pwm installation date
+        installTime = fetchInstallDate( startupTime );
+        LOGGER.debug( () -> "this application instance first installed on " + JavaHelper.toIsoDate( installTime ) );
+
+        LOGGER.debug( () -> "application environment flags: " + JsonUtil.serializeCollection( pwmEnvironment.getFlags() ) );
+        LOGGER.debug( () -> "application environment parameters: " + JsonUtil.serializeMap( pwmEnvironment.getParameters() ) );
+
+        pwmScheduler = new PwmScheduler( getInstanceID() );
+
+        pwmServiceManager.initAllServices( this );
+
+        final boolean skipPostInit = pwmEnvironment.isInternalRuntimeInstance()
+                || pwmEnvironment.getFlags().contains( PwmEnvironment.ApplicationFlag.CommandLineInstance );
+
+        if ( !skipPostInit )
+        {
+            final TimeDuration totalTime = TimeDuration.fromCurrent( startTime );
+            LOGGER.info( () -> PwmConstants.PWM_APP_NAME + " " + PwmConstants.SERVLET_VERSION + " open for bidness! (" + totalTime.asCompactString() + ")" );
+            StatisticsManager.incrementStat( this, Statistic.PWM_STARTUPS );
+            LOGGER.debug( () -> "buildTime=" + PwmConstants.BUILD_TIME + ", javaLocale=" + Locale.getDefault() + ", DefaultLocale=" + PwmConstants.DEFAULT_LOCALE );
+
+            pwmScheduler.immediateExecuteInNewThread( this::postInitTasks, this.getClass().getSimpleName() + " postInit tasks" );
+        }
+    }
+
+    public void reInit( final PwmEnvironment pwmEnvironment )
+            throws PwmException
+    {
+        final Instant startTime = Instant.now();
+        LOGGER.debug( () -> "beginning application restart" );
+        shutdown( true );
+        this.pwmEnvironment = pwmEnvironment;
+        initialize();
+        runtimeNonce = PwmRandom.getInstance().randomUUID().toString();
+        LOGGER.debug( () -> "completed application restart", () -> TimeDuration.fromCurrent( startTime ) );
+    }
+
+    private void postInitTasks( )
+    {
+        final Instant startTime = Instant.now();
+
+        getPwmScheduler().immediateExecuteInNewThread( UserAgentUtils::initializeCache, "initialize useragent cache" );
+        getPwmScheduler().immediateExecuteInNewThread( SettingDataMaker::initializeCache, "initialize PwmSetting metadata" );
+
+        outputConfigurationToLog( this );
+
+        outputNonDefaultPropertiesToLog( this );
+
+        // send system audit event
+        try
+        {
+            final SystemAuditRecord auditRecord = new AuditRecordFactory( this ).createSystemAuditRecord(
+                    AuditEvent.STARTUP,
+                    null
+            );
+            getAuditManager().submit( null, auditRecord );
+        }
+        catch ( final PwmException e )
+        {
+            LOGGER.warn( () -> "unable to submit start alert event " + e.getMessage() );
+        }
+
+        try
+        {
+            final Map<PwmAboutProperty, String> infoMap = PwmAboutProperty.makeInfoBean( this );
+            LOGGER.trace( () ->  "application info: " + JsonUtil.serializeMap( infoMap ) );
+        }
+        catch ( final Exception e )
+        {
+            LOGGER.error( () -> "error generating about application bean: " + e.getMessage(), e );
+        }
+
+        try
+        {
+            this.getIntruderManager().clear( RecordType.USERNAME, PwmConstants.CONFIGMANAGER_INTRUDER_USERNAME );
+        }
+        catch ( final Exception e )
+        {
+            LOGGER.warn( () -> "error while clearing configmanager-intruder-username from intruder table: " + e.getMessage() );
+        }
+
+        if ( !pwmEnvironment.isInternalRuntimeInstance() )
+        {
+            try
+            {
+                outputKeystore( this );
+            }
+            catch ( final Exception e )
+            {
+                LOGGER.debug( () -> "error while generating keystore output: " + e.getMessage() );
+            }
+
+            try
+            {
+                outputTomcatConf( this );
+            }
+            catch ( final Exception e )
+            {
+                LOGGER.debug( () -> "error while generating tomcat conf output: " + e.getMessage() );
+            }
+        }
+
+        MBeanUtility.registerMBean( this );
+
+        {
+            final ExecutorService executorService = PwmScheduler.makeSingleThreadExecutorService( this, PwmDomain.class );
+            pwmScheduler.scheduleDailyZuluZeroStartJob( new DailySummaryJob( this ), executorService, TimeDuration.ZERO );
+        }
+
+        LOGGER.trace( () -> "completed post init tasks", () -> TimeDuration.fromCurrent( startTime ) );
+    }
+
+    private static void outputKeystore( final PwmDomain pwmDomain ) throws Exception
+    {
+        final Map<PwmEnvironment.ApplicationParameter, String> applicationParams = pwmDomain.getPwmEnvironment().getParameters();
+        final String keystoreFileString = applicationParams.get( PwmEnvironment.ApplicationParameter.AutoExportHttpsKeyStoreFile );
+        if ( keystoreFileString != null && !keystoreFileString.isEmpty() )
+        {
+            LOGGER.trace( () -> "attempting to output keystore as configured by environment parameters to " + keystoreFileString );
+            final File keyStoreFile = new File( keystoreFileString );
+            final String password = applicationParams.get( PwmEnvironment.ApplicationParameter.AutoExportHttpsKeyStorePassword );
+            final String alias = applicationParams.get( PwmEnvironment.ApplicationParameter.AutoExportHttpsKeyStoreAlias );
+            final KeyStore keyStore = HttpsServerCertificateManager.keyStoreForApplication( pwmDomain, new PasswordData( password ), alias );
+            final ByteArrayOutputStream outputContents = new ByteArrayOutputStream();
+            keyStore.store( outputContents, password.toCharArray() );
+            if ( keyStoreFile.exists() )
+            {
+                LOGGER.trace( () -> "deleting existing keystore file " + keyStoreFile.getAbsolutePath() );
+                if ( keyStoreFile.delete() )
+                {
+                    LOGGER.trace( () -> "deleted existing keystore file: " + keyStoreFile.getAbsolutePath() );
+                }
+            }
+
+            try ( FileOutputStream fileOutputStream = new FileOutputStream( keyStoreFile ) )
+            {
+                fileOutputStream.write( outputContents.toByteArray() );
+            }
+
+            LOGGER.info( () -> "successfully exported application https key to keystore file " + keyStoreFile.getAbsolutePath() );
+        }
+    }
+
+    private static void outputTomcatConf( final PwmDomain pwmDomain ) throws IOException
+    {
+        final Map<PwmEnvironment.ApplicationParameter, String> applicationParams = pwmDomain.getPwmEnvironment().getParameters();
+        final String tomcatOutputFileStr = applicationParams.get( PwmEnvironment.ApplicationParameter.AutoWriteTomcatConfOutputFile );
+        if ( tomcatOutputFileStr != null && !tomcatOutputFileStr.isEmpty() )
+        {
+            LOGGER.trace( () -> "attempting to output tomcat configuration file as configured by environment parameters to " + tomcatOutputFileStr );
+            final File tomcatOutputFile = new File( tomcatOutputFileStr );
+            final File tomcatSourceFile;
+            {
+                final String tomcatSourceFileStr = applicationParams.get( PwmEnvironment.ApplicationParameter.AutoWriteTomcatConfSourceFile );
+                if ( tomcatSourceFileStr != null && !tomcatSourceFileStr.isEmpty() )
+                {
+                    tomcatSourceFile = new File( tomcatSourceFileStr );
+                    if ( !tomcatSourceFile.exists() )
+                    {
+                        LOGGER.error( () -> "can not output tomcat configuration file, source file does not exist: " + tomcatSourceFile.getAbsolutePath() );
+                        return;
+                    }
+                }
+                else
+                {
+                    LOGGER.error( () -> "can not output tomcat configuration file, source file parameter '"
+                            + PwmEnvironment.ApplicationParameter.AutoWriteTomcatConfSourceFile.toString() + "' is not specified." );
+                    return;
+                }
+            }
+
+            final ByteArrayOutputStream outputContents = new ByteArrayOutputStream();
+            try ( FileInputStream fileInputStream = new FileInputStream( tomcatOutputFile ) )
+            {
+                ExportHttpsTomcatConfigCommand.TomcatConfigWriter.writeOutputFile(
+                        pwmDomain.getConfig(),
+                        fileInputStream,
+                        outputContents
+                );
+            }
+
+            if ( tomcatOutputFile.exists() )
+            {
+                LOGGER.trace( () -> "deleting existing tomcat configuration file " + tomcatOutputFile.getAbsolutePath() );
+                if ( tomcatOutputFile.delete() )
+                {
+                    LOGGER.trace( () -> "deleted existing tomcat configuration file: " + tomcatOutputFile.getAbsolutePath() );
+                }
+            }
+
+            try ( FileOutputStream fileOutputStream = new FileOutputStream( tomcatOutputFile ) )
+            {
+                fileOutputStream.write( outputContents.toByteArray() );
+            }
+
+            LOGGER.info( () -> "successfully wrote tomcat configuration to file " + tomcatOutputFile.getAbsolutePath() );
+        }
+    }
+
+    private static void outputConfigurationToLog( final PwmDomain pwmDomain )
+    {
+        final Instant startTime = Instant.now();
+
+        final Function<Map.Entry<String, String>, String> valueFormatter = entry ->
+        {
+            final String spacedValue = entry.getValue().replace( "\n", "\n   " );
+            return " " + entry.getKey() + "\n   " + spacedValue + "\n";
+        };
+
+        final StoredConfiguration storedConfiguration = pwmDomain.getConfig().getStoredConfiguration();
+        final Map<String, String> debugStrings = StoredConfigurationUtil.makeDebugMap( storedConfiguration, storedConfiguration.modifiedItems(), PwmConstants.DEFAULT_LOCALE );
+
+        LOGGER.trace( () -> "--begin current configuration output--" );
+        debugStrings.entrySet().stream()
+                .map( valueFormatter )
+                .map( s -> ( Supplier<CharSequence> ) () -> s )
+                .forEach( LOGGER::trace );
+        LOGGER.trace( () -> "--end current configuration output--", () -> TimeDuration.fromCurrent( startTime ) );
+    }
+
+    private static void outputNonDefaultPropertiesToLog( final PwmDomain pwmDomain )
+    {
+        final Instant startTime = Instant.now();
+
+        final Map<AppProperty, String> nonDefaultProperties = pwmDomain.getConfig().readAllNonDefaultAppProperties();
+        if ( !JavaHelper.isEmpty( nonDefaultProperties ) )
+        {
+            LOGGER.trace( () -> "--begin non-default app properties output--" );
+            nonDefaultProperties.entrySet().stream()
+                    .map( entry -> "AppProperty: " + entry.getKey().getKey() + " -> " + entry.getValue() )
+                    .map( s -> ( Supplier<CharSequence> ) () -> s )
+                    .forEach( LOGGER::trace );
+            LOGGER.trace( () -> "--end non-default app properties output--", () -> TimeDuration.fromCurrent( startTime ) );
+        }
+        else
+        {
+            LOGGER.trace( () -> "no non-default app properties in configuration" );
+        }
+    }
+
+    public String getInstanceID( )
+    {
+        return instanceID;
+    }
+
+    public SharedHistoryManager getSharedHistoryManager( )
+    {
+        return ( SharedHistoryManager ) pwmServiceManager.getService( PwmServiceEnum.SharedHistoryManager );
+    }
+
+    public IntruderManager getIntruderManager( )
+    {
+        return ( IntruderManager ) pwmServiceManager.getService( PwmServiceEnum.IntruderManager );
+    }
+
+    public ChaiUser getProxiedChaiUser( final UserIdentity userIdentity )
+            throws PwmUnrecoverableException
+    {
+        try
+        {
+            final ChaiProvider proxiedProvider = getProxyChaiProvider( userIdentity.getLdapProfileID() );
+            return proxiedProvider.getEntryFactory().newChaiUser( userIdentity.getUserDN() );
+        }
+        catch ( final ChaiUnavailableException e )
+        {
+            throw PwmUnrecoverableException.fromChaiException( e );
+        }
+    }
+
+    public ChaiProvider getProxyChaiProvider( final String identifier )
+            throws PwmUnrecoverableException
+    {
+        return getLdapConnectionService().getProxyChaiProvider( identifier );
+    }
+
+    public LocalDBLogger getLocalDBLogger( )
+    {
+        return localDBLogger;
+    }
+
+    public HealthMonitor getHealthMonitor( )
+    {
+        return ( HealthMonitor ) pwmServiceManager.getService( PwmServiceEnum.HealthMonitor );
+    }
+
+    public HttpClientService getHttpClientService()
+    {
+        return ( HttpClientService ) pwmServiceManager.getService( PwmServiceEnum.HttpClientService );
+    }
+
+    public List<PwmService> getPwmServices( )
+    {
+        final List<PwmService> pwmServices = new ArrayList<>();
+        pwmServices.add( this.localDBLogger );
+        pwmServices.addAll( this.pwmServiceManager.getRunningServices() );
+        pwmServices.remove( null );
+        return Collections.unmodifiableList( pwmServices );
+    }
+
+    public WordlistService getWordlistService( )
+    {
+        return ( WordlistService ) pwmServiceManager.getService( PwmServiceEnum.WordlistManager );
+    }
+
+    public SeedlistService getSeedlistManager( )
+    {
+        return ( SeedlistService ) pwmServiceManager.getService( PwmServiceEnum.SeedlistManager );
+    }
+
+    public ReportService getReportService( )
+    {
+        return ( ReportService ) pwmServiceManager.getService( PwmServiceEnum.ReportService );
+    }
+
+    public EmailService getEmailQueue( )
+    {
+        return ( EmailService ) pwmServiceManager.getService( PwmServiceEnum.EmailQueueManager );
+    }
+
+    public AuditService getAuditManager( )
+    {
+        return ( AuditService ) pwmServiceManager.getService( PwmServiceEnum.AuditService );
+    }
+
+    public SmsQueueManager getSmsQueue( )
+    {
+        return ( SmsQueueManager ) pwmServiceManager.getService( PwmServiceEnum.SmsQueueManager );
+    }
+
+    public PwNotifyService getPwNotifyService( )
+    {
+        return ( PwNotifyService ) pwmServiceManager.getService( PwmServiceEnum.PwExpiryNotifyService );
+    }
+
+    public UrlShortenerService getUrlShortener( )
+    {
+        return ( UrlShortenerService ) pwmServiceManager.getService( PwmServiceEnum.UrlShortenerService );
+    }
+
+    public UserSearchEngine getUserSearchEngine( )
+    {
+        return ( UserSearchEngine ) pwmServiceManager.getService( PwmServiceEnum.UserSearchEngine );
+    }
+
+    public NodeService getClusterService( )
+    {
+        return ( NodeService ) pwmServiceManager.getService( PwmServiceEnum.ClusterService );
+    }
+
+    public ErrorInformation getLastLocalDBFailure( )
+    {
+        return lastLocalDBFailure;
+    }
+
+    public TokenService getTokenService( )
+    {
+        return ( TokenService ) pwmServiceManager.getService( PwmServiceEnum.TokenService );
+    }
+
+    public LdapConnectionService getLdapConnectionService( )
+    {
+        return ( LdapConnectionService ) pwmServiceManager.getService( PwmServiceEnum.LdapConnectionService );
+    }
+
+    public SessionTrackService getSessionTrackService( )
+    {
+        return ( SessionTrackService ) pwmServiceManager.getService( PwmServiceEnum.SessionTrackService );
+    }
+
+    public ResourceServletService getResourceServletService( )
+    {
+        return ( ResourceServletService ) pwmServiceManager.getService( PwmServiceEnum.ResourceServletService );
+    }
+
+    public PeopleSearchService getPeopleSearchService( )
+    {
+        return ( PeopleSearchService ) pwmServiceManager.getService( PwmServiceEnum.PeopleSearchService );
+    }
+
+    public DomainConfig getConfig( )
+    {
+        return pwmEnvironment.getConfig();
+    }
+
+    public PwmApplicationMode getApplicationMode( )
+    {
+        return pwmEnvironment.getApplicationMode();
+    }
+
+    public DatabaseAccessor getDatabaseAccessor( )
+
+            throws PwmUnrecoverableException
+    {
+        return getDatabaseService().getAccessor();
+    }
+
+    public DatabaseService getDatabaseService( )
+    {
+        return ( DatabaseService ) pwmServiceManager.getService( PwmServiceEnum.DatabaseService );
+    }
+
+
+    private Instant fetchInstallDate( final Instant startupTime )
+    {
+        if ( localDB != null )
+        {
+            try
+            {
+                final Optional<String> storedDateStr = readAppAttribute( AppAttribute.INSTALL_DATE, String.class );
+                if ( !storedDateStr.isPresent() )
+                {
+                    writeAppAttribute( AppAttribute.INSTALL_DATE, String.valueOf( startupTime.toEpochMilli() ) );
+                }
+                else
+                {
+                    return Instant.ofEpochMilli( Long.parseLong( storedDateStr.get() ) );
+                }
+            }
+            catch ( final Exception e )
+            {
+                LOGGER.error( () -> "error retrieving installation date from localDB: " + e.getMessage() );
+            }
+        }
+        return Instant.now();
+    }
+
+    private String fetchInstanceID( final LocalDB localDB, final PwmDomain pwmDomain )
+    {
+        {
+            final String newInstanceID = pwmDomain.getPwmEnvironment().getParameters().get( PwmEnvironment.ApplicationParameter.InstanceID );
+
+            if ( !StringUtil.isTrimEmpty( newInstanceID ) )
+            {
+                return newInstanceID;
+            }
+        }
+
+        {
+            final Optional<String> optionalStoredInstanceID = readAppAttribute( AppAttribute.INSTANCE_ID, String.class );
+            if ( optionalStoredInstanceID.isPresent() )
+            {
+                final String instanceID = optionalStoredInstanceID.get();
+                if ( !StringUtil.isTrimEmpty( instanceID ) )
+                {
+                    LOGGER.trace( () -> "retrieved instanceID " + instanceID + "" + " from localDB" );
+                    return instanceID;
+                }
+            }
+        }
+
+        final PwmRandom pwmRandom = PwmRandom.getInstance();
+        final String newInstanceID = Long.toHexString( pwmRandom.nextLong() ).toUpperCase();
+        LOGGER.debug( () -> "generated new random instanceID " + newInstanceID );
+
+        if ( localDB != null )
+        {
+            writeAppAttribute( AppAttribute.INSTANCE_ID, newInstanceID );
+        }
+
+        return newInstanceID;
+    }
+
+    public StatisticsManager getStatisticsManager( )
+    {
+        return ( StatisticsManager ) pwmServiceManager.getService( PwmServiceEnum.StatisticsManager );
+    }
+
+    public OtpService getOtpService( )
+    {
+        return ( OtpService ) pwmServiceManager.getService( PwmServiceEnum.OtpService );
+    }
+
+    public CrService getCrService( )
+    {
+        return ( CrService ) pwmServiceManager.getService( PwmServiceEnum.CrService );
+    }
+
+    public SessionStateService getSessionStateService( )
+    {
+        return ( SessionStateService ) pwmServiceManager.getService( PwmServiceEnum.SessionStateSvc );
+    }
+
+
+    public CacheService getCacheService( )
+    {
+        return ( CacheService ) pwmServiceManager.getService( PwmServiceEnum.CacheService );
+    }
+
+    public SecureService getSecureService( )
+    {
+        return ( SecureService ) pwmServiceManager.getService( PwmServiceEnum.SecureService );
+    }
+
+    public void sendSmsUsingQueue(
+            final String to,
+            final String message,
+            final SessionLabel sessionLabel,
+            final MacroRequest macroRequest
+    )
+    {
+        final SmsQueueManager smsQueue = getSmsQueue();
+        if ( smsQueue == null )
+        {
+            LOGGER.error( sessionLabel, () -> "SMS queue is unavailable, unable to send SMS to: " + to );
+            return;
+        }
+
+        final SmsItemBean smsItemBean = new SmsItemBean(
+                macroRequest.expandMacros( to ),
+                macroRequest.expandMacros( message ),
+                sessionLabel
+        );
+
+        try
+        {
+            smsQueue.addSmsToQueue( smsItemBean );
+        }
+        catch ( final PwmUnrecoverableException e )
+        {
+            LOGGER.warn( () -> "unable to add sms to queue: " + e.getMessage() );
+        }
+    }
+
+    public void shutdown( )
+    {
+        shutdown( false );
+    }
+
+    public void shutdown( final boolean keepServicesRunning )
+    {
+        pwmScheduler.shutdown();
+
+        LOGGER.warn( () -> "shutting down" );
+        {
+            // send system audit event
+            try
+            {
+                final SystemAuditRecord auditRecord = new AuditRecordFactory( this ).createSystemAuditRecord(
+                        AuditEvent.SHUTDOWN,
+                        null
+                );
+                if ( getAuditManager() != null )
+                {
+                    getAuditManager().submit( null, auditRecord );
+                }
+            }
+            catch ( final PwmException e )
+            {
+                LOGGER.warn( () -> "unable to submit shutdown alert event " + e.getMessage() );
+            }
+        }
+
+        MBeanUtility.unregisterMBean( this );
+
+        if ( !keepServicesRunning )
+        {
+            pwmServiceManager.shutdownAllServices();
+        }
+
+        if ( localDBLogger != null )
+        {
+            try
+            {
+                localDBLogger.close();
+            }
+            catch ( final Exception e )
+            {
+                LOGGER.error( () -> "error closing localDBLogger: " + e.getMessage(), e );
+            }
+            localDBLogger = null;
+        }
+
+        if ( keepServicesRunning )
+        {
+            LOGGER.trace( () -> "skipping close of LocalDB (restart request)" );
+        }
+        else if ( localDB != null )
+        {
+            try
+            {
+                LOGGER.trace( () -> "beginning close of LocalDB" );
+                localDB.close();
+            }
+            catch ( final Exception e )
+            {
+                LOGGER.fatal( () -> "error closing localDB: " + e, e );
+            }
+            localDB = null;
+        }
+
+        if ( fileLocker != null )
+        {
+            fileLocker.releaseFileLock();
+        }
+
+        LOGGER.info( () -> PwmConstants.PWM_APP_NAME + " " + PwmConstants.SERVLET_VERSION + " closed for bidness, cya!" );
+    }
+
+    public Instant getStartupTime( )
+    {
+        return startupTime;
+    }
+
+    public Instant getInstallTime( )
+    {
+        return installTime;
+    }
+
+    public LocalDB getLocalDB( )
+    {
+        return localDB;
+    }
+
+    private static class Initializer
+    {
+        public static LocalDB initializeLocalDB( final PwmDomain pwmDomain, final PwmEnvironment pwmEnvironment )
+                throws PwmUnrecoverableException
+        {
+            final File databaseDirectory;
+
+            try
+            {
+                final String localDBLocationSetting = pwmDomain.getConfig().readAppProperty( AppProperty.LOCALDB_LOCATION );
+                databaseDirectory = FileSystemUtility.figureFilepath( localDBLocationSetting, pwmDomain.pwmEnvironment.getApplicationPath() );
+            }
+            catch ( final Exception e )
+            {
+                pwmDomain.lastLocalDBFailure = new ErrorInformation( PwmError.ERROR_LOCALDB_UNAVAILABLE, "error locating configured LocalDB directory: " + e.getMessage() );
+                LOGGER.warn( () -> pwmDomain.lastLocalDBFailure.toDebugStr() );
+                throw new PwmUnrecoverableException( pwmDomain.lastLocalDBFailure );
+            }
+
+            LOGGER.debug( () -> "using localDB path " + databaseDirectory );
+
+            // initialize the localDB
+            try
+            {
+                final boolean readOnly = pwmDomain.getApplicationMode() == PwmApplicationMode.READ_ONLY;
+                return LocalDBFactory.getInstance( databaseDirectory, readOnly, pwmEnvironment, pwmDomain.getConfig() );
+            }
+            catch ( final Exception e )
+            {
+                pwmDomain.lastLocalDBFailure = new ErrorInformation( PwmError.ERROR_LOCALDB_UNAVAILABLE, "unable to initialize LocalDB: " + e.getMessage() );
+                LOGGER.warn( () -> pwmDomain.lastLocalDBFailure.toDebugStr() );
+                throw new PwmUnrecoverableException( pwmDomain.lastLocalDBFailure );
+            }
+        }
+    }
+
+    public PwmEnvironment getPwmEnvironment( )
+    {
+        return pwmEnvironment;
+    }
+
+    public String getRuntimeNonce( )
+    {
+        return runtimeNonce;
+    }
+
+    public <T extends Serializable> Optional<T> readAppAttribute( final AppAttribute appAttribute, final Class<T> returnClass )
+    {
+        if ( localDB == null || localDB.status() != LocalDB.Status.OPEN )
+        {
+            LOGGER.debug( () -> "error retrieving key '" + appAttribute.getKey() + "', localDB unavailable: " );
+            return Optional.empty();
+        }
+
+        if ( appAttribute == null )
+        {
+            return Optional.empty();
+        }
+
+        try
+        {
+            final String strValue = localDB.get( LocalDB.DB.PWM_META, appAttribute.getKey() );
+            return Optional.of( JsonUtil.deserialize( strValue, returnClass ) );
+        }
+        catch ( final Exception e )
+        {
+            LOGGER.error( () -> "error retrieving key '" + appAttribute.getKey() + "' value from localDB: " + e.getMessage() );
+        }
+        return Optional.empty();
+    }
+
+    public void writeAppAttribute( final AppAttribute appAttribute, final Serializable value )
+    {
+        if ( localDB == null || localDB.status() != LocalDB.Status.OPEN )
+        {
+            LOGGER.error( () -> "error writing key '" + appAttribute.getKey() + "', localDB unavailable: " );
+            return;
+        }
+
+        if ( appAttribute == null )
+        {
+            return;
+        }
+
+        try
+        {
+            if ( value == null )
+            {
+                localDB.remove( LocalDB.DB.PWM_META, appAttribute.getKey() );
+            }
+            else
+            {
+                final String jsonValue = JsonUtil.serialize( value );
+                localDB.put( LocalDB.DB.PWM_META, appAttribute.getKey(), jsonValue );
+            }
+        }
+        catch ( final Exception e )
+        {
+            LOGGER.error( () -> "error retrieving key '" + appAttribute.getKey() + "' installation date from localDB: " + e.getMessage() );
+            try
+            {
+                localDB.remove( LocalDB.DB.PWM_META, appAttribute.getKey() );
+            }
+            catch ( final Exception e2 )
+            {
+                LOGGER.error( () -> "error removing bogus appAttribute value for key " + appAttribute.getKey() + ", error: " + localDB );
+            }
+        }
+    }
+
+    public File getTempDirectory( ) throws PwmUnrecoverableException
+    {
+        if ( pwmEnvironment.getApplicationPath() == null )
+        {
+            final ErrorInformation errorInformation = new ErrorInformation(
+                    PwmError.ERROR_STARTUP_ERROR,
+                    "unable to establish temp work directory: application path unavailable"
+            );
+            throw new PwmUnrecoverableException( errorInformation );
+        }
+        final File tempDirectory = new File( pwmEnvironment.getApplicationPath() + File.separator + "temp" );
+        if ( !tempDirectory.exists() )
+        {
+            LOGGER.trace( () -> "preparing to create temporary directory " + tempDirectory.getAbsolutePath() );
+            if ( tempDirectory.mkdir() )
+            {
+                LOGGER.debug( () -> "created " + tempDirectory.getAbsolutePath() );
+            }
+            else
+            {
+                LOGGER.debug( () -> "unable to create temporary directory " + tempDirectory.getAbsolutePath() );
+                final ErrorInformation errorInformation = new ErrorInformation(
+                        PwmError.ERROR_STARTUP_ERROR,
+                        "unable to establish create temp work directory " + tempDirectory.getAbsolutePath()
+                );
+                throw new PwmUnrecoverableException( errorInformation );
+            }
+        }
+        return tempDirectory;
+    }
+
+    public boolean determineIfDetailErrorMsgShown( )
+    {
+        final PwmApplicationMode mode = this.getApplicationMode();
+        if ( mode == PwmApplicationMode.CONFIGURATION || mode == PwmApplicationMode.NEW )
+        {
+            return true;
+        }
+        if ( mode == PwmApplicationMode.RUNNING )
+        {
+            if ( this.getConfig() != null )
+            {
+                if ( this.getConfig().readSettingAsBoolean( PwmSetting.DISPLAY_SHOW_DETAILED_ERRORS ) )
+                {
+                    return true;
+                }
+            }
+        }
+        return false;
+    }
+
+    public AtomicInteger getActiveServletRequests( )
+    {
+        return activeServletRequests;
+    }
+
+    public PwmScheduler getPwmScheduler()
+    {
+        return pwmScheduler;
+    }
+}
+
+
+

server/src/main/java/password/pwm/PwmEnvironment.java

@@ -23,7 +23,7 @@ package password.pwm;
 import lombok.Builder;
 import lombok.Singular;
 import lombok.Value;
-import password.pwm.config.Configuration;
+import password.pwm.config.DomainConfig;
 import password.pwm.error.ErrorInformation;
 import password.pwm.error.PwmError;
 import password.pwm.error.PwmUnrecoverableException;
@@ -52,7 +52,7 @@ public class PwmEnvironment
     @lombok.Builder.Default
     private PwmApplicationMode applicationMode = PwmApplicationMode.ERROR;
 
-    private Configuration config;
+    private DomainConfig config;
     private File applicationPath;
     private boolean internalRuntimeInstance;
     private File configurationFile;
@@ -168,7 +168,7 @@ public class PwmEnvironment
     }
 
     public PwmEnvironment makeRuntimeInstance(
-            final Configuration configuration
+            final DomainConfig domainConfig
     )
             throws PwmUnrecoverableException
     {
@@ -176,7 +176,7 @@ public class PwmEnvironment
                 .applicationMode( PwmApplicationMode.READ_ONLY )
                 .internalRuntimeInstance( true )
                 .configurationFile( null )
-                .config( configuration )
+                .config( domainConfig )
                 .build();
     }
 

server/src/main/java/password/pwm/VerificationMethodSystem.java

@@ -82,6 +82,6 @@ public interface VerificationMethodSystem
 
     VerificationState getVerificationState( );
 
-    void init( PwmApplication pwmApplication, UserInfo userInfoBean, SessionLabel sessionLabel, Locale locale )
+    void init( PwmDomain pwmDomain, UserInfo userInfoBean, SessionLabel sessionLabel, Locale locale )
             throws PwmUnrecoverableException;
 }

server/src/main/java/password/pwm/bean/TokenDestinationItem.java

@@ -24,8 +24,8 @@ import lombok.Builder;
 import lombok.Getter;
 import lombok.Value;
 import password.pwm.AppProperty;
-import password.pwm.PwmApplication;
-import password.pwm.config.Configuration;
+import password.pwm.PwmDomain;
+import password.pwm.config.DomainConfig;
 import password.pwm.config.PwmSetting;
 import password.pwm.config.option.MessageSendMethod;
 import password.pwm.error.PwmUnrecoverableException;
@@ -95,15 +95,15 @@ public class TokenDestinationItem implements Serializable
     }
 
     public static List<TokenDestinationItem> allFromConfig(
-            final PwmApplication pwmApplication,
+            final PwmDomain pwmDomain,
             final UserInfo userInfo
     )
             throws PwmUnrecoverableException
     {
-        final Configuration configuration = pwmApplication.getConfig();
-        final SecureService secureService = pwmApplication.getSecureService();
+        final DomainConfig domainConfig = pwmDomain.getConfig();
+        final SecureService secureService = pwmDomain.getSecureService();
 
-        final TokenDestinationDisplayMasker tokenDestinationDisplayMasker = new TokenDestinationDisplayMasker( configuration );
+        final TokenDestinationDisplayMasker tokenDestinationDisplayMasker = new TokenDestinationDisplayMasker( domainConfig );
 
         final Map<String, TokenDestinationItem> results = new LinkedHashMap<>(  );
 
@@ -191,14 +191,14 @@ public class TokenDestinationItem implements Serializable
         return returnList;
     }
 
-    public String longDisplay( final Locale locale, final Configuration configuration )
+    public String longDisplay( final Locale locale, final DomainConfig domainConfig )
     {
         final Map<String, String> tokens = new HashMap<>();
-        tokens.put( "%LABEL%", LocaleHelper.getLocalizedMessage( locale, getType().getButtonLocalization(), configuration ) );
-        tokens.put( "%MESSAGE%", LocaleHelper.getLocalizedMessage( locale, getType().getDisplayLocalization(), configuration ) );
+        tokens.put( "%LABEL%", LocaleHelper.getLocalizedMessage( locale, getType().getButtonLocalization(), domainConfig ) );
+        tokens.put( "%MESSAGE%", LocaleHelper.getLocalizedMessage( locale, getType().getDisplayLocalization(), domainConfig ) );
         tokens.put( "%VALUE%", this.getDisplay() );
 
-        String output = configuration.readAppProperty( AppProperty.REST_SERVER_FORGOTTEN_PW_TOKEN_DISPLAY );
+        String output = domainConfig.readAppProperty( AppProperty.REST_SERVER_FORGOTTEN_PW_TOKEN_DISPLAY );
         for ( final Map.Entry<String, String> entry : tokens.entrySet() )
         {
             output = output.replace( entry.getKey(), entry.getValue() );

server/src/main/java/password/pwm/bean/UserIdentity.java

@@ -24,9 +24,9 @@ import com.novell.ldapchai.ChaiUser;
 import com.novell.ldapchai.exception.ChaiException;
 import edu.umd.cs.findbugs.annotations.SuppressFBWarnings;
 import org.jetbrains.annotations.NotNull;
-import password.pwm.PwmApplication;
+import password.pwm.PwmDomain;
 import password.pwm.PwmConstants;
-import password.pwm.config.Configuration;
+import password.pwm.config.DomainConfig;
 import password.pwm.config.profile.LdapProfile;
 import password.pwm.error.ErrorInformation;
 import password.pwm.error.PwmError;
@@ -98,10 +98,10 @@ public class UserIdentity implements Serializable, Comparable<UserIdentity>
         return ldapProfile;
     }
 
-    public LdapProfile getLdapProfile( final Configuration configuration )
+    public LdapProfile getLdapProfile( final DomainConfig domainConfig )
     {
-        Objects.requireNonNull( configuration );
-        final LdapProfile ldapProfile = configuration.getLdapProfiles().get( this.getLdapProfileID() );
+        Objects.requireNonNull( domainConfig );
+        final LdapProfile ldapProfile = domainConfig.getLdapProfiles().get( this.getLdapProfileID() );
         if ( ldapProfile == null )
         {
             throw new IllegalStateException( "bogus ldapProfileID on userIdentity: "  + this.getLdapProfileID() );
@@ -114,7 +114,7 @@ public class UserIdentity implements Serializable, Comparable<UserIdentity>
         return toDisplayString();
     }
 
-    public String toObfuscatedKey( final PwmApplication pwmApplication )
+    public String toObfuscatedKey( final PwmDomain pwmDomain )
             throws PwmUnrecoverableException
     {
         // use local cache first.
@@ -124,7 +124,7 @@ public class UserIdentity implements Serializable, Comparable<UserIdentity>
         }
 
         // check app cache.  This is used primarily so that keys are static over some meaningful lifetime, allowing browser caching based on keys.
-        final CacheService cacheService = pwmApplication.getCacheService();
+        final CacheService cacheService = pwmDomain.getCacheService();
         final CacheKey cacheKey = CacheKey.newKey( this.getClass(), this, "obfuscatedKey" );
         final String cachedValue = cacheService.get( cacheKey, String.class );
 
@@ -138,7 +138,7 @@ public class UserIdentity implements Serializable, Comparable<UserIdentity>
         try
         {
             final String jsonValue = JsonUtil.serialize( this );
-            final String localValue = CRYPO_HEADER + pwmApplication.getSecureService().encryptToString( jsonValue );
+            final String localValue = CRYPO_HEADER + pwmDomain.getSecureService().encryptToString( jsonValue );
             this.obfuscatedValue = localValue;
             cacheService.put( cacheKey, CachePolicy.makePolicyWithExpiration( TimeDuration.DAY ), localValue );
             return localValue;
@@ -159,10 +159,10 @@ public class UserIdentity implements Serializable, Comparable<UserIdentity>
         return this.getUserDN() + ( ( this.getLdapProfileID() != null && !this.getLdapProfileID().isEmpty() ) ? " (" + this.getLdapProfileID() + ")" : "" );
     }
 
-    public static UserIdentity fromObfuscatedKey( final String key, final PwmApplication pwmApplication )
+    public static UserIdentity fromObfuscatedKey( final String key, final PwmDomain pwmDomain )
             throws PwmUnrecoverableException
     {
-        Objects.requireNonNull( pwmApplication );
+        Objects.requireNonNull( pwmDomain );
         JavaHelper.requireNonEmpty( key, "key can not be null or empty" );
 
         if ( !key.startsWith( CRYPO_HEADER ) )
@@ -173,7 +173,7 @@ public class UserIdentity implements Serializable, Comparable<UserIdentity>
         try
         {
             final String input = key.substring( CRYPO_HEADER.length() );
-            final String jsonValue = pwmApplication.getSecureService().decryptStringValue( input );
+            final String jsonValue = pwmDomain.getSecureService().decryptStringValue( input );
             return JsonUtil.deserialize( jsonValue, UserIdentity.class );
         }
         catch ( final Exception e )
@@ -201,20 +201,20 @@ public class UserIdentity implements Serializable, Comparable<UserIdentity>
         return createUserIdentity( userDN, profileID );
     }
 
-    public static UserIdentity fromKey( final String key, final PwmApplication pwmApplication )
+    public static UserIdentity fromKey( final String key, final PwmDomain pwmDomain )
             throws PwmUnrecoverableException
     {
         JavaHelper.requireNonEmpty( key );
 
         if ( key.startsWith( CRYPO_HEADER ) )
         {
-            return fromObfuscatedKey( key, pwmApplication );
+            return fromObfuscatedKey( key, pwmDomain );
         }
 
         return fromDelimitedKey( key );
     }
 
-    public boolean canonicalEquals( final UserIdentity otherIdentity, final PwmApplication pwmApplication )
+    public boolean canonicalEquals( final UserIdentity otherIdentity, final PwmDomain pwmDomain )
             throws PwmUnrecoverableException
     {
         if ( otherIdentity == null )
@@ -222,8 +222,8 @@ public class UserIdentity implements Serializable, Comparable<UserIdentity>
             return false;
         }
 
-        final UserIdentity thisCanonicalIdentity = this.canonicalized( pwmApplication );
-        final UserIdentity otherCanonicalIdentity = otherIdentity.canonicalized( pwmApplication );
+        final UserIdentity thisCanonicalIdentity = this.canonicalized( pwmDomain );
+        final UserIdentity otherCanonicalIdentity = otherIdentity.canonicalized( pwmDomain );
         return thisCanonicalIdentity.equals( otherCanonicalIdentity );
     }
 
@@ -276,7 +276,7 @@ public class UserIdentity implements Serializable, Comparable<UserIdentity>
     }
 
 
-    public UserIdentity canonicalized( final PwmApplication pwmApplication )
+    public UserIdentity canonicalized( final PwmDomain pwmDomain )
             throws PwmUnrecoverableException
     {
         if ( this.canonical )
@@ -284,7 +284,7 @@ public class UserIdentity implements Serializable, Comparable<UserIdentity>
             return this;
         }
 
-        final ChaiUser chaiUser = pwmApplication.getProxiedChaiUser( this );
+        final ChaiUser chaiUser = pwmDomain.getProxiedChaiUser( this );
         final String userDN;
         try
         {

server/src/main/java/password/pwm/bean/pub/PublicUserInfoBean.java

@@ -23,7 +23,7 @@ package password.pwm.bean.pub;
 import lombok.Builder;
 import lombok.Value;
 import password.pwm.bean.PasswordStatus;
-import password.pwm.config.Configuration;
+import password.pwm.config.DomainConfig;
 import password.pwm.config.profile.PwmPasswordRule;
 import password.pwm.error.PwmUnrecoverableException;
 import password.pwm.http.tag.PasswordRequirementsTag;
@@ -70,7 +70,7 @@ public class PublicUserInfoBean implements Serializable
 
     public static PublicUserInfoBean fromUserInfoBean(
             final UserInfo userInfoBean,
-            final Configuration config,
+            final DomainConfig config,
             final Locale locale,
             final MacroRequest macroRequest
     )

server/src/main/java/password/pwm/config/AppConfig.java

@@ -0,0 +1,179 @@
+/*
+ * Password Management Servlets (PWM)
+ * http://www.pwm-project.org
+ *
+ * Copyright (c) 2006-2009 Novell, Inc.
+ * Copyright (c) 2009-2020 The PWM Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package password.pwm.config;
+
+import password.pwm.AppProperty;
+import password.pwm.config.stored.StoredConfiguration;
+import password.pwm.error.ErrorInformation;
+import password.pwm.error.PwmError;
+import password.pwm.error.PwmUnrecoverableException;
+import password.pwm.util.PasswordData;
+import password.pwm.util.java.LazySupplier;
+import password.pwm.util.java.StringUtil;
+import password.pwm.util.logging.PwmLogger;
+import password.pwm.util.secure.PwmRandom;
+import password.pwm.util.secure.PwmSecurityKey;
+
+import java.util.LinkedHashMap;
+import java.util.List;
+import java.util.Map;
+import java.util.Set;
+import java.util.function.Supplier;
+import java.util.stream.Collectors;
+
+public class AppConfig
+{
+    private static final PwmLogger LOGGER = PwmLogger.forClass( AppConfig.class );
+    private final ConfigurationSuppliers configurationSuppliers = new ConfigurationSuppliers();
+
+    private final StoredConfiguration storedConfiguration;
+    private final SettingReader settingReader;
+    private final Map<String, DomainConfig> domainConfigMap;
+
+    private PwmSecurityKey tempInstanceKey = null;
+
+    public AppConfig( final StoredConfiguration storedConfiguration )
+    {
+        this.storedConfiguration = storedConfiguration;
+        this.settingReader = new SettingReader( storedConfiguration, null, null );
+        domainConfigMap = getDomainIDs().stream().collect( Collectors.toUnmodifiableMap(
+                ( domainID ) -> domainID,
+                ( domainID ) -> new DomainConfig( storedConfiguration ) ) );
+    }
+
+    public List<String> getDomainIDs()
+    {
+        return settingReader.readSettingAsStringArray( PwmSetting.DOMAIN_LIST );
+    }
+
+    public Map<String, DomainConfig> domainConfigMap()
+    {
+        return domainConfigMap;
+    }
+
+    public String readSettingAsString( final PwmSetting pwmSetting )
+    {
+        return settingReader.readSettingAsString( pwmSetting );
+    }
+
+    public String readAppProperty( final AppProperty property )
+    {
+        return configurationSuppliers.appPropertyOverrides.get().getOrDefault( property.getKey(), property.getDefaultValue() );
+    }
+
+    public Map<AppProperty, String> readAllNonDefaultAppProperties( )
+    {
+        final LinkedHashMap<AppProperty, String> nonDefaultProperties = new LinkedHashMap<>();
+        for ( final AppProperty loopProperty : AppProperty.values() )
+        {
+            final String configuredValue = readAppProperty( loopProperty );
+            final String defaultValue = loopProperty.getDefaultValue();
+            if ( configuredValue != null && !configuredValue.equals( defaultValue ) )
+            {
+                nonDefaultProperties.put( loopProperty, configuredValue );
+            }
+        }
+        return nonDefaultProperties;
+    }
+
+    public StoredConfiguration getStoredConfiguration()
+    {
+        return storedConfiguration;
+    }
+
+    public PwmSecurityKey getSecurityKey() throws PwmUnrecoverableException
+    {
+        return configurationSuppliers.pwmSecurityKey.call();
+    }
+
+    public <E extends Enum<E>> Set<E> readSettingAsOptionList( final PwmSetting pwmSetting, final Class<E> enumClass )
+    {
+        return settingReader.readSettingAsOptionList( pwmSetting, enumClass );
+    }
+
+    public boolean readSettingAsBoolean( final PwmSetting pwmSetting )
+    {
+        return settingReader.readSettingAsBoolean( pwmSetting );
+    }
+
+    public List<String> readSettingAsStringArray( final PwmSetting pwmSetting )
+    {
+        return settingReader.readSettingAsStringArray( pwmSetting );
+    }
+
+    public boolean isDevDebugMode( )
+    {
+        return Boolean.parseBoolean( readAppProperty( AppProperty.LOGGING_DEV_OUTPUT ) );
+    }
+
+    public long readSettingAsLong( final PwmSetting pwmSetting )
+    {
+        return settingReader.readSettingAsLong( pwmSetting );
+    }
+
+    private class ConfigurationSuppliers
+    {
+        private final Supplier<Map<String, String>> appPropertyOverrides = new LazySupplier<>( () ->
+                StringUtil.convertStringListToNameValuePair(
+                        settingReader.readSettingAsStringArray( PwmSetting.APP_PROPERTY_OVERRIDES ), "=" ) );
+
+        private final LazySupplier.CheckedSupplier<PwmSecurityKey, PwmUnrecoverableException> pwmSecurityKey
+                = LazySupplier.checked( () ->
+        {
+            final PasswordData configValue = settingReader.readSettingAsPassword( PwmSetting.PWM_SECURITY_KEY );
+
+            if ( configValue == null || configValue.getStringValue().isEmpty() )
+            {
+                final String errorMsg = "Security Key value is not configured, will generate temp value for use by runtime instance";
+                final ErrorInformation errorInfo = new ErrorInformation( PwmError.ERROR_INVALID_SECURITY_KEY, errorMsg );
+                LOGGER.warn( errorInfo::toDebugStr );
+                if ( tempInstanceKey == null )
+                {
+                    tempInstanceKey = new PwmSecurityKey( PwmRandom.getInstance().alphaNumericString( 1024 ) );
+                }
+                return tempInstanceKey;
+            }
+            else
+            {
+                final int minSecurityKeyLength = Integer.parseInt( readAppProperty( AppProperty.SECURITY_CONFIG_MIN_SECURITY_KEY_LENGTH ) );
+                if ( configValue.getStringValue().length() < minSecurityKeyLength )
+                {
+                    final String errorMsg = "Security Key must be greater than 32 characters in length";
+                    final ErrorInformation errorInfo = new ErrorInformation( PwmError.ERROR_INVALID_SECURITY_KEY, errorMsg );
+                    throw new PwmUnrecoverableException( errorInfo );
+                }
+
+                try
+                {
+                    return new PwmSecurityKey( configValue.getStringValue() );
+                }
+                catch ( final Exception e )
+                {
+                    final String errorMsg = "unexpected error generating Security Key crypto: " + e.getMessage();
+                    final ErrorInformation errorInfo = new ErrorInformation( PwmError.ERROR_INVALID_SECURITY_KEY, errorMsg );
+                    LOGGER.error( errorInfo::toDebugStr, e );
+                    throw new PwmUnrecoverableException( errorInfo );
+                }
+            }
+        } );
+
+    }
+}

server/src/main/java/password/pwm/config/ConfigurationUtil.java

@@ -25,7 +25,7 @@ import password.pwm.config.option.DataStorageMethod;
 import java.util.List;
 
 /**
- * Static helper methods for reading {@link Configuration} values.
+ * Static helper methods for reading {@link DomainConfig} values.
  */
 public class ConfigurationUtil
 {
@@ -33,13 +33,13 @@ public class ConfigurationUtil
     {
     }
 
-    public static List<DataStorageMethod> getCrReadPreference( final Configuration configuration )
+    public static List<DataStorageMethod> getCrReadPreference( final DomainConfig domainConfig )
     {
-        final List<DataStorageMethod> readPreferences = configuration.getResponseStorageLocations( PwmSetting.FORGOTTEN_PASSWORD_READ_PREFERENCE );
+        final List<DataStorageMethod> readPreferences = domainConfig.getResponseStorageLocations( PwmSetting.FORGOTTEN_PASSWORD_READ_PREFERENCE );
         if ( readPreferences.size() == 1 && readPreferences.iterator().next() == DataStorageMethod.AUTO )
         {
             readPreferences.clear();
-            if ( configuration.hasDbConfigured() )
+            if ( domainConfig.hasDbConfigured() )
             {
                 readPreferences.add( DataStorageMethod.DB );
             }
@@ -50,7 +50,7 @@ public class ConfigurationUtil
         }
 
 
-        if ( configuration.readSettingAsBoolean( PwmSetting.EDIRECTORY_USE_NMAS_RESPONSES ) )
+        if ( domainConfig.readSettingAsBoolean( PwmSetting.EDIRECTORY_USE_NMAS_RESPONSES ) )
         {
             readPreferences.add( DataStorageMethod.NMAS );
         }
@@ -58,13 +58,13 @@ public class ConfigurationUtil
         return readPreferences;
     }
 
-    public static List<DataStorageMethod> getCrWritePreference( final Configuration configuration )
+    public static List<DataStorageMethod> getCrWritePreference( final DomainConfig domainConfig )
     {
-        final List<DataStorageMethod> writeMethods = configuration.getResponseStorageLocations( PwmSetting.FORGOTTEN_PASSWORD_WRITE_PREFERENCE );
+        final List<DataStorageMethod> writeMethods = domainConfig.getResponseStorageLocations( PwmSetting.FORGOTTEN_PASSWORD_WRITE_PREFERENCE );
         if ( writeMethods.size() == 1 && writeMethods.get( 0 ) == DataStorageMethod.AUTO )
         {
             writeMethods.clear();
-            if ( configuration.hasDbConfigured() )
+            if ( domainConfig.hasDbConfigured() )
             {
                 writeMethods.add( DataStorageMethod.DB );
             }
@@ -73,7 +73,7 @@ public class ConfigurationUtil
                 writeMethods.add( DataStorageMethod.LDAP );
             }
         }
-        if ( configuration.readSettingAsBoolean( PwmSetting.EDIRECTORY_STORE_NMAS_RESPONSES ) )
+        if ( domainConfig.readSettingAsBoolean( PwmSetting.EDIRECTORY_STORE_NMAS_RESPONSES ) )
         {
             writeMethods.add( DataStorageMethod.NMAS );
         }

server/src/main/java/password/pwm/config/Configuration.java → server/src/main/java/password/pwm/config/DomainConfig.java

@@ -91,9 +91,9 @@ import java.util.stream.Collectors;
 /**
  * @author Jason D. Rivard
  */
-public class Configuration
+public class DomainConfig
 {
-    private static final PwmLogger LOGGER = PwmLogger.forClass( Configuration.class );
+    private static final PwmLogger LOGGER = PwmLogger.forClass( DomainConfig.class );
 
     private final StoredConfiguration storedConfiguration;
 
@@ -102,7 +102,7 @@ public class Configuration
     private final DataCache dataCache = new DataCache();
     private final SettingReader settingReader;
 
-    public Configuration( final StoredConfiguration storedConfiguration )
+    public DomainConfig( final StoredConfiguration storedConfiguration )
     {
         this.storedConfiguration = storedConfiguration;
         this.settingReader = new SettingReader( storedConfiguration, null, PwmConstants.DOMAIN_ID_PLACEHOLDER );

server/src/main/java/password/pwm/config/LDAPPermissionInfo.java

@@ -62,12 +62,12 @@ public class LDAPPermissionInfo implements Serializable
         helpdesk,
         guestManager,;
 
-        public String getLabel( final Locale locale, final Configuration config )
+        public String getLabel( final Locale locale, final DomainConfig config )
         {
             return LocaleHelper.getLocalizedMessage( locale, "Actor_Label_" + this.toString(), config, Config.class );
         }
 
-        public String getDescription( final Locale locale, final Configuration config )
+        public String getDescription( final Locale locale, final DomainConfig config )
         {
             final MacroRequest macroRequest = MacroRequest.forStatic();
             return macroRequest.expandMacros( LocaleHelper.getLocalizedMessage( locale, "Actor_Description_" + this.toString(), config, Config.class ) );

server/src/main/java/password/pwm/config/PwmSetting.java

@@ -28,7 +28,6 @@ import password.pwm.util.java.StringUtil;
 
 import java.util.Arrays;
 import java.util.Collection;
-import java.util.Collections;
 import java.util.Comparator;
 import java.util.LinkedHashMap;
 import java.util.List;
@@ -58,6 +57,9 @@ public enum PwmSetting
     NOTES(
             "notes.noteText", PwmSettingSyntax.TEXT_AREA, PwmSettingCategory.NOTES ),
 
+    // domains
+    DOMAIN_LIST(
+            "domain.list", PwmSettingSyntax.STRING_ARRAY, PwmSettingCategory.DOMAINS ),
 
     // application settings
     PWM_SITE_URL(
@@ -1283,16 +1285,16 @@ public enum PwmSetting
             "helpdesk.otp.verify", PwmSettingSyntax.BOOLEAN, PwmSettingCategory.HELPDESK_BASE ),;
 
 
-    private static final Map<String, PwmSetting> KEY_MAP = Collections.unmodifiableMap( Arrays.stream( values() )
-            .collect( Collectors.toMap( PwmSetting::getKey, pwmSetting -> pwmSetting ) ) );
+    private static final Map<String, PwmSetting> KEY_MAP = Arrays.stream( values() )
+            .collect( Collectors.toUnmodifiableMap( PwmSetting::getKey, pwmSetting -> pwmSetting ) );
 
     private static final Comparator<PwmSetting> MENU_LOCATION_COMPARATOR = Comparator.comparing(
             pwmSetting -> pwmSetting.toMenuLocationDebug( null, PwmConstants.DEFAULT_LOCALE ),
             Comparator.nullsLast( Comparator.naturalOrder() ) );
 
-    private static final List<PwmSetting> SORTED_VALUES = Collections.unmodifiableList( Arrays.stream( values() )
+    private static final List<PwmSetting> SORTED_VALUES = Arrays.stream( values() )
             .sorted( MENU_LOCATION_COMPARATOR )
-            .collect( Collectors.toList() ) );
+            .collect( Collectors.toUnmodifiableList() );
 
     private final String key;
     private final PwmSettingSyntax syntax;
@@ -1357,7 +1359,7 @@ public enum PwmSetting
                     ( templateSetReference.getReference() ).toDebugString( locale )
             );
         }
-        return Collections.unmodifiableMap( returnObj );
+        return Map.copyOf( returnObj );
     }
 
     public Map<PwmSettingProperty, String> getProperties( )

server/src/main/java/password/pwm/config/PwmSettingCategory.java

@@ -45,6 +45,8 @@ public enum PwmSettingCategory
     TEMPLATES( null ),
     NOTES( null ),
 
+    DOMAINS( null ),
+
     LDAP( null ),
     SETTINGS( null ),
     PROFILES( null ),
@@ -350,12 +352,10 @@ public enum PwmSettingCategory
 
     public static List<PwmSettingCategory> valuesForReferenceDoc()
     {
-        final List<PwmSettingCategory> values = sortedValues().stream()
+        return sortedValues().stream()
                 .filter( ( category ) -> !category.isHidden() )
                 .filter( ( category ) -> !category.getSettings().isEmpty() )
-                .collect( Collectors.toList( ) );
-
-        return Collections.unmodifiableList( values );
+                .collect( Collectors.toUnmodifiableList( ) );
     }
 
     public static List<PwmSettingCategory> associatedProfileCategories( final PwmSettingCategory inputCategory )
@@ -375,7 +375,7 @@ public enum PwmSettingCategory
         returnValues.add( topLevelCategory );
         returnValues.addAll( topLevelCategory.getChildren() );
 
-        return Collections.unmodifiableList( returnValues );
+        return List.copyOf( returnValues );
     }
 
     public static Optional<PwmSettingCategory> forKey( final String key )
@@ -498,7 +498,7 @@ public enum PwmSettingCategory
         {
             final Set<PwmSettingCategory> categories = Arrays.stream( PwmSettingCategory.values() )
                     .filter( ( loopCategory ) -> loopCategory.getParent() == category )
-                    .collect( Collectors.toSet() );
+                    .collect( Collectors.toUnmodifiableSet() );
             return Collections.unmodifiableSet( JavaHelper.copiedEnumSet( categories, PwmSettingCategory.class ) );
         }
 

server/src/main/java/password/pwm/config/PwmSettingSyntax.java

@@ -77,7 +77,7 @@ public enum PwmSettingSyntax
     CUSTOMLINKS( CustomLinkValue.factory() ),
     REMOTE_WEB_SERVICE( RemoteWebServiceValue.factory() ),;
 
-    private StoredValue.StoredValueFactory storedValueImpl;
+    private final StoredValue.StoredValueFactory storedValueImpl;
 
     PwmSettingSyntax( final StoredValue.StoredValueFactory storedValueImpl )
     {

server/src/main/java/password/pwm/config/function/AbstractUriCertImportFunction.java

@@ -21,7 +21,7 @@
 package password.pwm.config.function;
 
 import password.pwm.bean.UserIdentity;
-import password.pwm.config.Configuration;
+import password.pwm.config.DomainConfig;
 import password.pwm.config.PwmSetting;
 import password.pwm.config.SettingUIFunction;
 import password.pwm.config.stored.StoredConfigurationModifier;
@@ -64,8 +64,8 @@ abstract class AbstractUriCertImportFunction implements SettingUIFunction
             }
             else
             {
-                final Configuration configuration = new Configuration( modifier.newStoredConfiguration() );
-                certs = X509Utils.readRemoteCertificates( URI.create( urlString ), configuration );
+                final DomainConfig domainConfig = new DomainConfig( modifier.newStoredConfiguration() );
+                certs = X509Utils.readRemoteCertificates( URI.create( urlString ), domainConfig );
             }
         }
         catch ( final Exception e )

server/src/main/java/password/pwm/config/function/LdapCertImportFunction.java

@@ -20,7 +20,7 @@
 
 package password.pwm.config.function;
 
-import password.pwm.PwmApplication;
+import password.pwm.PwmDomain;
 import password.pwm.bean.UserIdentity;
 import password.pwm.config.PwmSetting;
 import password.pwm.config.SettingUIFunction;
@@ -50,7 +50,7 @@ public class LdapCertImportFunction implements SettingUIFunction
     )
             throws PwmUnrecoverableException
     {
-        final PwmApplication pwmApplication = pwmRequest.getPwmApplication();
+        final PwmDomain pwmDomain = pwmRequest.getPwmApplication();
         final PwmSession pwmSession = pwmRequest.getPwmSession();
 
         final StringArrayValue ldapUrlsValue = ( StringArrayValue ) modifier.newStoredConfiguration().readSetting( PwmSetting.LDAP_SERVER_URLS, profile );
@@ -63,7 +63,7 @@ public class LdapCertImportFunction implements SettingUIFunction
 
         final UserIdentity userIdentity = pwmSession.isAuthenticated() ? pwmSession.getUserInfo().getUserIdentity() : null;
         modifier.writeSetting( setting, profile, X509CertificateValue.fromX509( resultCertificates ), userIdentity );
-        return Message.getLocalizedMessage( pwmSession.getSessionStateBean().getLocale(), Message.Success_Unknown, pwmApplication.getConfig() );
+        return Message.getLocalizedMessage( pwmSession.getSessionStateBean().getLocale(), Message.Success_Unknown, pwmDomain.getConfig() );
     }
 
 }

server/src/main/java/password/pwm/config/function/SmtpCertImportFunction.java

@@ -21,7 +21,7 @@
 package password.pwm.config.function;
 
 import password.pwm.bean.UserIdentity;
-import password.pwm.config.Configuration;
+import password.pwm.config.DomainConfig;
 import password.pwm.config.PwmSetting;
 import password.pwm.config.SettingUIFunction;
 import password.pwm.config.stored.StoredConfigurationModifier;
@@ -50,8 +50,8 @@ public class SmtpCertImportFunction implements SettingUIFunction
     {
         final PwmSession pwmSession = pwmRequest.getPwmSession();
 
-        final Configuration configuration = new Configuration( modifier.newStoredConfiguration() );
-        final List<X509Certificate> certs = EmailServerUtil.readCertificates( configuration, profile );
+        final DomainConfig domainConfig = new DomainConfig( modifier.newStoredConfiguration() );
+        final List<X509Certificate> certs = EmailServerUtil.readCertificates( domainConfig, profile );
         if ( !JavaHelper.isEmpty( certs ) )
         {
             final UserIdentity userIdentity = pwmSession.isAuthenticated() ? pwmSession.getUserInfo().getUserIdentity() : null;

server/src/main/java/password/pwm/config/function/SyslogCertImportFunction.java

@@ -20,9 +20,9 @@
 
 package password.pwm.config.function;
 
-import password.pwm.PwmApplication;
+import password.pwm.PwmDomain;
 import password.pwm.bean.UserIdentity;
-import password.pwm.config.Configuration;
+import password.pwm.config.DomainConfig;
 import password.pwm.config.PwmSetting;
 import password.pwm.config.SettingUIFunction;
 import password.pwm.config.stored.StoredConfigurationModifier;
@@ -57,7 +57,7 @@ public class SyslogCertImportFunction implements SettingUIFunction
     {
         boolean error = false;
         Exception exeception = null;
-        final PwmApplication pwmApplication = pwmRequest.getPwmApplication();
+        final PwmDomain pwmDomain = pwmRequest.getPwmApplication();
         final PwmSession pwmSession = pwmRequest.getPwmSession();
 
         final Set<X509Certificate> resultCertificates = new LinkedHashSet<>();
@@ -77,7 +77,7 @@ public class SyslogCertImportFunction implements SettingUIFunction
                             final List<X509Certificate> certs = X509Utils.readRemoteCertificates(
                                     syslogConfig.getHost(),
                                     syslogConfig.getPort(),
-                                    new Configuration( modifier.newStoredConfiguration() )
+                                    new DomainConfig( modifier.newStoredConfiguration() )
                             );
                             if ( certs != null )
                             {
@@ -99,7 +99,7 @@ public class SyslogCertImportFunction implements SettingUIFunction
         {
             final UserIdentity userIdentity = pwmSession.isAuthenticated() ? pwmSession.getUserInfo().getUserIdentity() : null;
             modifier.writeSetting( setting, null, X509CertificateValue.fromX509( resultCertificates ), userIdentity );
-            return Message.getLocalizedMessage( pwmSession.getSessionStateBean().getLocale(), Message.Success_Unknown, pwmApplication.getConfig() );
+            return Message.getLocalizedMessage( pwmSession.getSessionStateBean().getLocale(), Message.Success_Unknown, pwmDomain.getConfig() );
         }
         else
         {

server/src/main/java/password/pwm/config/function/UserMatchViewerFunction.java

@@ -26,10 +26,10 @@ import com.novell.ldapchai.provider.ChaiProvider;
 import lombok.Builder;
 import lombok.Value;
 import password.pwm.AppProperty;
-import password.pwm.PwmApplication;
+import password.pwm.PwmDomain;
 import password.pwm.bean.SessionLabel;
 import password.pwm.bean.UserIdentity;
-import password.pwm.config.Configuration;
+import password.pwm.config.DomainConfig;
 import password.pwm.config.PwmSetting;
 import password.pwm.config.SettingUIFunction;
 import password.pwm.config.stored.StoredConfiguration;
@@ -69,11 +69,11 @@ public class UserMatchViewerFunction implements SettingUIFunction
             final String extraData )
             throws Exception
     {
-        final PwmApplication pwmApplication = pwmRequest.getPwmApplication();
+        final PwmDomain pwmDomain = pwmRequest.getPwmApplication();
 
         final Instant startSearchTime = Instant.now();
-        final int maxResultSize = Integer.parseInt( pwmApplication.getConfig().readAppProperty( AppProperty.CONFIG_EDITOR_USER_PERMISSION_MATCH_LIMIT ) );
-        final Collection<UserIdentity> users = discoverMatchingUsers( pwmApplication, maxResultSize, storedConfiguration.newStoredConfiguration(), setting, profile );
+        final int maxResultSize = Integer.parseInt( pwmDomain.getConfig().readAppProperty( AppProperty.CONFIG_EDITOR_USER_PERMISSION_MATCH_LIMIT ) );
+        final Collection<UserIdentity> users = discoverMatchingUsers( pwmDomain, maxResultSize, storedConfiguration.newStoredConfiguration(), setting, profile );
         final TimeDuration searchDuration = TimeDuration.fromCurrent( startSearchTime );
 
         final String message = LocaleHelper.getLocalizedMessage(
@@ -91,7 +91,7 @@ public class UserMatchViewerFunction implements SettingUIFunction
     }
 
     public List<UserIdentity> discoverMatchingUsers(
-            final PwmApplication pwmApplication,
+            final PwmDomain pwmDomain,
             final int maxResultSize,
             final StoredConfiguration storedConfiguration,
             final PwmSetting setting,
@@ -99,20 +99,20 @@ public class UserMatchViewerFunction implements SettingUIFunction
     )
             throws Exception
     {
-        final Configuration config = new Configuration( storedConfiguration );
-        final PwmApplication tempApplication = PwmApplication.createPwmApplication( pwmApplication.getPwmEnvironment().makeRuntimeInstance( config ) );
+        final DomainConfig config = new DomainConfig( storedConfiguration );
+        final PwmDomain tempApplication = PwmDomain.createPwmApplication( pwmDomain.getPwmEnvironment().makeRuntimeInstance( config ) );
         final StoredValue storedValue = storedConfiguration.readSetting( setting, profile );
         final List<UserPermission> permissions = ValueTypeConverter.valueToUserPermissions( storedValue );
 
         validateUserPermissionLdapValues( tempApplication, permissions );
 
-        final int maxSearchSeconds = Integer.parseInt( pwmApplication.getConfig().readAppProperty( AppProperty.CONFIG_EDITOR_USER_PERMISSION_TIMEOUT_SECONDS ) );
+        final int maxSearchSeconds = Integer.parseInt( pwmDomain.getConfig().readAppProperty( AppProperty.CONFIG_EDITOR_USER_PERMISSION_TIMEOUT_SECONDS ) );
         final TimeDuration maxSearchTime = TimeDuration.of( maxSearchSeconds, TimeDuration.Unit.SECONDS );
         return UserPermissionUtility.discoverMatchingUsers( tempApplication, permissions, SessionLabel.SYSTEM_LABEL, maxResultSize, maxSearchTime );
     }
 
     private static void validateUserPermissionLdapValues(
-            final PwmApplication pwmApplication,
+            final PwmDomain pwmDomain,
             final List<UserPermission> permissions
     )
             throws PwmUnrecoverableException, PwmOperationalException
@@ -123,25 +123,25 @@ public class UserMatchViewerFunction implements SettingUIFunction
             {
                 if ( userPermission.getLdapBase() != null && !userPermission.getLdapBase().isEmpty() )
                 {
-                    testIfLdapDNIsValid( pwmApplication, userPermission.getLdapBase(), userPermission.getLdapProfileID() );
+                    testIfLdapDNIsValid( pwmDomain, userPermission.getLdapBase(), userPermission.getLdapProfileID() );
                 }
             }
             else if ( userPermission.getType() == UserPermissionType.ldapGroup )
             {
-                testIfLdapDNIsValid( pwmApplication, userPermission.getLdapBase(), userPermission.getLdapProfileID() );
+                testIfLdapDNIsValid( pwmDomain, userPermission.getLdapBase(), userPermission.getLdapProfileID() );
             }
         }
     }
 
 
-    private static void testIfLdapDNIsValid( final PwmApplication pwmApplication, final String baseDN, final String profileID )
+    private static void testIfLdapDNIsValid( final PwmDomain pwmDomain, final String baseDN, final String profileID )
             throws PwmOperationalException, PwmUnrecoverableException
     {
         final Set<String> profileIDsToTest = new LinkedHashSet<>();
 
         if ( UserPermissionUtility.isAllProfiles( profileID ) )
         {
-            profileIDsToTest.addAll( pwmApplication.getConfig().getLdapProfiles().keySet() );
+            profileIDsToTest.addAll( pwmDomain.getConfig().getLdapProfiles().keySet() );
         }
         else
         {
@@ -158,7 +158,7 @@ public class UserMatchViewerFunction implements SettingUIFunction
             ChaiEntry chaiEntry = null;
             try
             {
-                final ChaiProvider proxiedProvider = pwmApplication.getProxyChaiProvider( loopID );
+                final ChaiProvider proxiedProvider = pwmDomain.getProxyChaiProvider( loopID );
                 chaiEntry = proxiedProvider.getEntryFactory().newChaiEntry( baseDN );
             }
             catch ( final Exception e )

server/src/main/java/password/pwm/config/option/IdentityVerificationMethod.java

@@ -20,7 +20,7 @@
 
 package password.pwm.config.option;
 
-import password.pwm.config.Configuration;
+import password.pwm.config.DomainConfig;
 import password.pwm.i18n.Display;
 
 import java.io.Serializable;
@@ -55,14 +55,14 @@ public enum IdentityVerificationMethod implements Serializable, ConfigurationOpt
         return userSelectable;
     }
 
-    public String getLabel( final Configuration configuration, final Locale locale )
+    public String getLabel( final DomainConfig domainConfig, final Locale locale )
     {
-        return Display.getLocalizedMessage( locale, this.labelKey, configuration );
+        return Display.getLocalizedMessage( locale, this.labelKey, domainConfig );
     }
 
-    public String getDescription( final Configuration configuration, final Locale locale )
+    public String getDescription( final DomainConfig domainConfig, final Locale locale )
     {
-        return Display.getLocalizedMessage( locale, this.descriptionKey, configuration );
+        return Display.getLocalizedMessage( locale, this.descriptionKey, domainConfig );
     }
 
     public static IdentityVerificationMethod[] availableValues( )

server/src/main/java/password/pwm/config/profile/LdapProfile.java

@@ -25,7 +25,7 @@ import com.novell.ldapchai.exception.ChaiOperationException;
 import com.novell.ldapchai.exception.ChaiUnavailableException;
 import com.novell.ldapchai.provider.ChaiProvider;
 import password.pwm.AppProperty;
-import password.pwm.PwmApplication;
+import password.pwm.PwmDomain;
 import password.pwm.bean.UserIdentity;
 import password.pwm.config.PwmSetting;
 import password.pwm.config.stored.StoredConfiguration;
@@ -59,7 +59,7 @@ public class LdapProfile extends AbstractProfile implements Profile
     }
 
     public Map<String, String> getSelectableContexts(
-            final PwmApplication pwmApplication
+            final PwmDomain pwmDomain
     )
             throws PwmUnrecoverableException
     {
@@ -70,14 +70,14 @@ public class LdapProfile extends AbstractProfile implements Profile
         {
             final String dn = entry.getKey();
             final String label = entry.getValue();
-            final String canonicalDN = readCanonicalDN( pwmApplication, dn );
+            final String canonicalDN = readCanonicalDN( pwmDomain, dn );
             canonicalValues.put( canonicalDN, label );
         }
         return Collections.unmodifiableMap( canonicalValues );
     }
 
     public List<String> getRootContexts(
-            final PwmApplication pwmApplication
+            final PwmDomain pwmDomain
     )
             throws PwmUnrecoverableException
     {
@@ -85,7 +85,7 @@ public class LdapProfile extends AbstractProfile implements Profile
         final List<String> canonicalValues = new ArrayList<>();
         for ( final String dn : rawValues )
         {
-            final String canonicalDN = readCanonicalDN( pwmApplication, dn );
+            final String canonicalDN = readCanonicalDN( pwmDomain, dn );
             canonicalValues.add( canonicalDN );
         }
         return Collections.unmodifiableList( canonicalValues );
@@ -111,10 +111,10 @@ public class LdapProfile extends AbstractProfile implements Profile
         return configUsernameAttr != null && configUsernameAttr.length() > 0 ? configUsernameAttr : ldapNamingAttribute;
     }
 
-    public ChaiProvider getProxyChaiProvider( final PwmApplication pwmApplication ) throws PwmUnrecoverableException
+    public ChaiProvider getProxyChaiProvider( final PwmDomain pwmDomain ) throws PwmUnrecoverableException
     {
         verifyIsEnabled();
-        return pwmApplication.getProxyChaiProvider( this.getIdentifier() );
+        return pwmDomain.getProxyChaiProvider( this.getIdentifier() );
     }
 
     @Override
@@ -130,7 +130,7 @@ public class LdapProfile extends AbstractProfile implements Profile
     }
 
     public String readCanonicalDN(
-            final PwmApplication pwmApplication,
+            final PwmDomain pwmDomain,
             final String dnValue
     )
             throws PwmUnrecoverableException
@@ -138,20 +138,20 @@ public class LdapProfile extends AbstractProfile implements Profile
         final Instant startTime = Instant.now();
 
         {
-            final boolean doCanonicalDnResolve = Boolean.parseBoolean( pwmApplication.getConfig().readAppProperty( AppProperty.LDAP_RESOLVE_CANONICAL_DN ) );
+            final boolean doCanonicalDnResolve = Boolean.parseBoolean( pwmDomain.getConfig().readAppProperty( AppProperty.LDAP_RESOLVE_CANONICAL_DN ) );
             if ( !doCanonicalDnResolve )
             {
                 return dnValue;
             }
         }
 
-        final boolean enableCanonicalCache = Boolean.parseBoolean( pwmApplication.getConfig().readAppProperty( AppProperty.LDAP_CACHE_CANONICAL_ENABLE ) );
+        final boolean enableCanonicalCache = Boolean.parseBoolean( pwmDomain.getConfig().readAppProperty( AppProperty.LDAP_CACHE_CANONICAL_ENABLE ) );
 
         String canonicalValue = null;
         final CacheKey cacheKey = CacheKey.newKey( LdapProfile.class, null, "canonicalDN-" + this.getIdentifier() + "-" + dnValue );
         if ( enableCanonicalCache )
         {
-            final String cachedDN = pwmApplication.getCacheService().get( cacheKey, String.class );
+            final String cachedDN = pwmDomain.getCacheService().get( cacheKey, String.class );
             if ( cachedDN != null )
             {
                 canonicalValue = cachedDN;
@@ -162,15 +162,15 @@ public class LdapProfile extends AbstractProfile implements Profile
         {
             try
             {
-                final ChaiProvider chaiProvider = this.getProxyChaiProvider( pwmApplication );
+                final ChaiProvider chaiProvider = this.getProxyChaiProvider( pwmDomain );
                 final ChaiEntry chaiEntry = chaiProvider.getEntryFactory().newChaiEntry( dnValue );
                 canonicalValue = chaiEntry.readCanonicalDN();
 
                 if ( enableCanonicalCache )
                 {
-                    final long cacheSeconds = Long.parseLong( pwmApplication.getConfig().readAppProperty( AppProperty.LDAP_CACHE_CANONICAL_SECONDS ) );
+                    final long cacheSeconds = Long.parseLong( pwmDomain.getConfig().readAppProperty( AppProperty.LDAP_CACHE_CANONICAL_SECONDS ) );
                     final CachePolicy cachePolicy = CachePolicy.makePolicyWithExpiration( TimeDuration.of( cacheSeconds, TimeDuration.Unit.SECONDS ) );
-                    pwmApplication.getCacheService().put( cacheKey, cachePolicy, canonicalValue );
+                    pwmDomain.getCacheService().put( cacheKey, cachePolicy, canonicalValue );
                 }
 
                 {
@@ -189,23 +189,23 @@ public class LdapProfile extends AbstractProfile implements Profile
         return canonicalValue;
     }
 
-    public UserIdentity getTestUser( final PwmApplication pwmApplication ) throws PwmUnrecoverableException
+    public UserIdentity getTestUser( final PwmDomain pwmDomain ) throws PwmUnrecoverableException
     {
-        return readUserIdentity( pwmApplication, PwmSetting.LDAP_TEST_USER_DN );
+        return readUserIdentity( pwmDomain, PwmSetting.LDAP_TEST_USER_DN );
     }
 
-    public UserIdentity getProxyUser( final PwmApplication pwmApplication ) throws PwmUnrecoverableException
+    public UserIdentity getProxyUser( final PwmDomain pwmDomain ) throws PwmUnrecoverableException
     {
-        return readUserIdentity( pwmApplication, PwmSetting.LDAP_PROXY_USER_DN );
+        return readUserIdentity( pwmDomain, PwmSetting.LDAP_PROXY_USER_DN );
     }
 
-    private UserIdentity readUserIdentity( final PwmApplication pwmApplication, final PwmSetting pwmSetting ) throws PwmUnrecoverableException
+    private UserIdentity readUserIdentity( final PwmDomain pwmDomain, final PwmSetting pwmSetting ) throws PwmUnrecoverableException
     {
         final String testUserDN = this.readSettingAsString( pwmSetting );
 
         if ( !StringUtil.isEmpty( testUserDN ) )
         {
-            return UserIdentity.createUserIdentity( testUserDN, this.getIdentifier() ).canonicalized( pwmApplication );
+            return UserIdentity.createUserIdentity( testUserDN, this.getIdentifier() ).canonicalized( pwmDomain );
         }
 
         return null;

server/src/main/java/password/pwm/config/profile/NewUserProfile.java

@@ -24,10 +24,10 @@ import com.novell.ldapchai.ChaiUser;
 import com.novell.ldapchai.exception.ChaiUnavailableException;
 import com.novell.ldapchai.provider.ChaiProvider;
 import password.pwm.AppProperty;
-import password.pwm.PwmApplication;
+import password.pwm.PwmDomain;
 import password.pwm.PwmConstants;
 import password.pwm.bean.UserIdentity;
-import password.pwm.config.Configuration;
+import password.pwm.config.DomainConfig;
 import password.pwm.config.PwmSetting;
 import password.pwm.config.stored.StoredConfiguration;
 import password.pwm.error.ErrorInformation;
@@ -69,10 +69,10 @@ public class NewUserProfile extends AbstractProfile implements Profile
         return value != null && !value.isEmpty() ? value : this.getIdentifier();
     }
 
-    public PwmPasswordPolicy getNewUserPasswordPolicy( final PwmApplication pwmApplication, final Locale userLocale )
+    public PwmPasswordPolicy getNewUserPasswordPolicy( final PwmDomain pwmDomain, final Locale userLocale )
             throws PwmUnrecoverableException
     {
-        final long maxNewUserCacheMS = Long.parseLong( pwmApplication.getConfig().readAppProperty( AppProperty.CONFIG_NEWUSER_PASSWORD_POLICY_CACHE_MS ) );
+        final long maxNewUserCacheMS = Long.parseLong( pwmDomain.getConfig().readAppProperty( AppProperty.CONFIG_NEWUSER_PASSWORD_POLICY_CACHE_MS ) );
         if ( newUserPasswordPolicyCacheTime != null && TimeDuration.fromCurrent( newUserPasswordPolicyCacheTime ).isLongerThan( maxNewUserCacheMS ) )
         {
             newUserPasswordPolicyCacheTime = Instant.now();
@@ -129,10 +129,10 @@ public class NewUserProfile extends AbstractProfile implements Profile
             {
                 try
                 {
-                    final ChaiProvider chaiProvider = pwmApplication.getProxyChaiProvider( ldapProfile.getIdentifier() );
+                    final ChaiProvider chaiProvider = pwmDomain.getProxyChaiProvider( ldapProfile.getIdentifier() );
                     final ChaiUser chaiUser = chaiProvider.getEntryFactory().newChaiUser( lookupDN );
                     final UserIdentity userIdentity = UserIdentity.createUserIdentity( lookupDN, ldapProfile.getIdentifier() );
-                    thePolicy = PasswordUtility.readPasswordPolicyForUser( pwmApplication, null, userIdentity, chaiUser, userLocale );
+                    thePolicy = PasswordUtility.readPasswordPolicyForUser( pwmDomain, null, userIdentity, chaiUser, userLocale );
                 }
                 catch ( final ChaiUnavailableException e )
                 {
@@ -144,23 +144,23 @@ public class NewUserProfile extends AbstractProfile implements Profile
         return thePolicy;
     }
 
-    public TimeDuration getTokenDurationEmail( final Configuration configuration )
+    public TimeDuration getTokenDurationEmail( final DomainConfig domainConfig )
     {
         final long newUserDuration = readSettingAsLong( PwmSetting.NEWUSER_TOKEN_LIFETIME_EMAIL );
         if ( newUserDuration < 1 )
         {
-            final long defaultDuration = configuration.readSettingAsLong( PwmSetting.TOKEN_LIFETIME );
+            final long defaultDuration = domainConfig.readSettingAsLong( PwmSetting.TOKEN_LIFETIME );
             return TimeDuration.of( defaultDuration, TimeDuration.Unit.SECONDS );
         }
         return TimeDuration.of( newUserDuration, TimeDuration.Unit.SECONDS );
     }
 
-    public TimeDuration getTokenDurationSMS( final Configuration configuration )
+    public TimeDuration getTokenDurationSMS( final DomainConfig domainConfig )
     {
         final long newUserDuration = readSettingAsLong( PwmSetting.NEWUSER_TOKEN_LIFETIME_SMS );
         if ( newUserDuration < 1 )
         {
-            final long defaultDuration = configuration.readSettingAsLong( PwmSetting.TOKEN_LIFETIME );
+            final long defaultDuration = domainConfig.readSettingAsLong( PwmSetting.TOKEN_LIFETIME );
             return TimeDuration.of( defaultDuration, TimeDuration.Unit.SECONDS );
         }
         return TimeDuration.of( newUserDuration, TimeDuration.Unit.SECONDS );
@@ -178,11 +178,11 @@ public class NewUserProfile extends AbstractProfile implements Profile
     public LdapProfile getLdapProfile()
             throws PwmUnrecoverableException
     {
-        final Configuration configuration = new Configuration( getStoredConfiguration() );
+        final DomainConfig domainConfig = new DomainConfig( getStoredConfiguration() );
         final String configuredProfile = readSettingAsString( PwmSetting.NEWUSER_LDAP_PROFILE );
         if ( !StringUtil.isEmpty( configuredProfile ) )
         {
-            final LdapProfile ldapProfile = configuration.getLdapProfiles().get( configuredProfile );
+            final LdapProfile ldapProfile = domainConfig.getLdapProfiles().get( configuredProfile );
             if ( ldapProfile == null )
             {
                 throw new PwmUnrecoverableException( new ErrorInformation( PwmError.CONFIG_FORMAT_ERROR, null, new String[]
@@ -194,6 +194,6 @@ public class NewUserProfile extends AbstractProfile implements Profile
             }
             return ldapProfile;
         }
-        return configuration.getDefaultLdapProfile();
+        return domainConfig.getDefaultLdapProfile();
     }
 }

server/src/main/java/password/pwm/config/profile/ProfileUtility.java

@@ -20,10 +20,10 @@
 
 package password.pwm.config.profile;
 
-import password.pwm.PwmApplication;
+import password.pwm.PwmDomain;
 import password.pwm.bean.SessionLabel;
 import password.pwm.bean.UserIdentity;
-import password.pwm.config.Configuration;
+import password.pwm.config.DomainConfig;
 import password.pwm.config.PwmSetting;
 import password.pwm.config.PwmSettingCategory;
 import password.pwm.config.value.data.UserPermission;
@@ -48,7 +48,7 @@ public class ProfileUtility
     )
             throws PwmUnrecoverableException
     {
-        return discoverProfileIDForUser( pwmRequestContext.getPwmApplication(), pwmRequestContext.getSessionLabel(), userIdentity, profileDefinition );
+        return discoverProfileIDForUser( pwmRequestContext.getPwmDomain(), pwmRequestContext.getSessionLabel(), userIdentity, profileDefinition );
     }
 
     public static <T extends Profile> T profileForUser(
@@ -70,18 +70,18 @@ public class ProfileUtility
 
 
     public static Optional<String> discoverProfileIDForUser(
-            final PwmApplication pwmApplication,
+            final PwmDomain pwmDomain,
             final SessionLabel sessionLabel,
             final UserIdentity userIdentity,
             final ProfileDefinition profileDefinition
     )
             throws PwmUnrecoverableException
     {
-        final Map<String, Profile> profileMap = pwmApplication.getConfig().profileMap( profileDefinition );
+        final Map<String, Profile> profileMap = pwmDomain.getConfig().profileMap( profileDefinition );
         for ( final Profile profile : profileMap.values() )
         {
             final List<UserPermission> queryMatches = profile.profilePermissions();
-            final boolean match = UserPermissionUtility.testUserPermission( pwmApplication, sessionLabel, userIdentity, queryMatches );
+            final boolean match = UserPermissionUtility.testUserPermission( pwmDomain, sessionLabel, userIdentity, queryMatches );
             if ( match )
             {
                 return Optional.of( profile.getIdentifier() );
@@ -90,10 +90,10 @@ public class ProfileUtility
         return Optional.empty();
     }
 
-    public static List<String> profileIDsForCategory( final Configuration configuration, final PwmSettingCategory pwmSettingCategory )
+    public static List<String> profileIDsForCategory( final DomainConfig domainConfig, final PwmSettingCategory pwmSettingCategory )
     {
         final PwmSetting profileSetting = pwmSettingCategory.getProfileSetting().orElseThrow( IllegalStateException::new );
-        return configuration.readSettingAsStringArray( profileSetting );
+        return domainConfig.readSettingAsStringArray( profileSetting );
     }
 
 

server/src/main/java/password/pwm/config/profile/PwmPasswordRule.java

@@ -22,7 +22,7 @@ package password.pwm.config.profile;
 
 import com.novell.ldapchai.ChaiPasswordRule;
 import password.pwm.AppProperty;
-import password.pwm.config.Configuration;
+import password.pwm.config.DomainConfig;
 import password.pwm.config.PwmSetting;
 import password.pwm.i18n.Message;
 import password.pwm.util.i18n.LocaleHelper;
@@ -508,7 +508,7 @@ public enum PwmPasswordRule
         return null;
     }
 
-    public String getLabel( final Locale locale, final Configuration config )
+    public String getLabel( final Locale locale, final DomainConfig config )
     {
         final String key = "Rule_" + this.toString();
         try
@@ -521,7 +521,7 @@ public enum PwmPasswordRule
         }
     }
 
-    public static List<PwmPasswordRule> sortedByLabel ( final Locale locale, final Configuration config )
+    public static List<PwmPasswordRule> sortedByLabel ( final Locale locale, final DomainConfig config )
     {
         final TreeMap<String, PwmPasswordRule> sortedMap = new TreeMap<>();
         for ( final PwmPasswordRule rule : PwmPasswordRule.values() )

server/src/main/java/password/pwm/config/profile/UpdateProfileProfile.java

@@ -20,7 +20,7 @@
 
 package password.pwm.config.profile;
 
-import password.pwm.config.Configuration;
+import password.pwm.config.DomainConfig;
 import password.pwm.config.PwmSetting;
 import password.pwm.config.stored.StoredConfiguration;
 import password.pwm.util.java.TimeDuration;
@@ -41,23 +41,23 @@ public class UpdateProfileProfile extends AbstractProfile implements Profile
         return PROFILE_TYPE;
     }
 
-    public TimeDuration getTokenDurationEmail( final Configuration configuration )
+    public TimeDuration getTokenDurationEmail( final DomainConfig domainConfig )
     {
         final long duration = readSettingAsLong( PwmSetting.UPDATE_PROFILE_TOKEN_LIFETIME_EMAIL );
         if ( duration < 1 )
         {
-            final long defaultDuration = configuration.readSettingAsLong( PwmSetting.TOKEN_LIFETIME );
+            final long defaultDuration = domainConfig.readSettingAsLong( PwmSetting.TOKEN_LIFETIME );
             return TimeDuration.of( defaultDuration, TimeDuration.Unit.SECONDS );
         }
         return TimeDuration.of( duration, TimeDuration.Unit.SECONDS );
     }
 
-    public TimeDuration getTokenDurationSMS( final Configuration configuration )
+    public TimeDuration getTokenDurationSMS( final DomainConfig domainConfig )
     {
         final long duration = readSettingAsLong( PwmSetting.UPDATE_PROFILE_TOKEN_LIFETIME_SMS );
         if ( duration < 1 )
         {
-            final long defaultDuration = configuration.readSettingAsLong( PwmSetting.TOKEN_LIFETIME );
+            final long defaultDuration = domainConfig.readSettingAsLong( PwmSetting.TOKEN_LIFETIME );
             return TimeDuration.of( defaultDuration, TimeDuration.Unit.SECONDS );
         }
         return TimeDuration.of( duration, TimeDuration.Unit.SECONDS );

server/src/main/java/password/pwm/config/stored/ConfigurationCleaner.java

@@ -22,7 +22,7 @@ package password.pwm.config.stored;
 
 import password.pwm.PwmConstants;
 import password.pwm.bean.UserIdentity;
-import password.pwm.config.Configuration;
+import password.pwm.config.DomainConfig;
 import password.pwm.config.PwmSetting;
 import password.pwm.config.option.ADPolicyComplexity;
 import password.pwm.config.option.RecoveryMinLifetimeOption;
@@ -69,8 +69,8 @@ class ConfigurationCleaner
                 throws PwmUnrecoverableException
         {
             final StoredConfiguration oldConfig = modifier.newStoredConfiguration();
-            final Configuration configuration = new Configuration( oldConfig );
-            for ( final String profileID : configuration.getPasswordProfileIDs() )
+            final DomainConfig domainConfig = new DomainConfig( oldConfig );
+            for ( final String profileID : domainConfig.getPasswordProfileIDs() )
             {
                 if ( !oldConfig.isDefaultValue( PwmSetting.PASSWORD_POLICY_AD_COMPLEXITY, profileID ) )
                 {

server/src/main/java/password/pwm/config/stored/ConfigurationReader.java

@@ -22,12 +22,12 @@ package password.pwm.config.stored;
 
 import password.pwm.AppAttribute;
 import password.pwm.AppProperty;
-import password.pwm.PwmApplication;
+import password.pwm.PwmDomain;
 import password.pwm.PwmApplicationMode;
 import password.pwm.PwmConstants;
 import password.pwm.bean.SessionLabel;
 import password.pwm.bean.UserIdentity;
-import password.pwm.config.Configuration;
+import password.pwm.config.DomainConfig;
 import password.pwm.config.value.StoredValue;
 import password.pwm.error.ErrorInformation;
 import password.pwm.error.PwmError;
@@ -65,7 +65,7 @@ public class ConfigurationReader
 
     private final File configFile;
     private final String configFileChecksum;
-    private Configuration configuration;
+    private DomainConfig domainConfig;
     private StoredConfiguration storedConfiguration;
     private ErrorInformation configFileError;
 
@@ -107,16 +107,16 @@ public class ConfigurationReader
         return storedConfiguration;
     }
 
-    public Configuration getConfiguration( ) throws PwmUnrecoverableException
+    public DomainConfig getConfiguration( ) throws PwmUnrecoverableException
     {
-        if ( configuration == null )
+        if ( domainConfig == null )
         {
             final StoredConfiguration newStoredConfig = this.storedConfiguration == null
                     ? StoredConfigurationFactory.newConfig()
                     : this.storedConfiguration;
-            configuration = new Configuration( newStoredConfig );
+            domainConfig = new DomainConfig( newStoredConfig );
         }
-        return configuration;
+        return domainConfig;
     }
 
     private StoredConfiguration readStoredConfig( ) throws PwmUnrecoverableException
@@ -195,23 +195,23 @@ public class ConfigurationReader
 
     public void saveConfiguration(
             final StoredConfiguration storedConfiguration,
-            final PwmApplication pwmApplication,
+            final PwmDomain pwmDomain,
             final SessionLabel sessionLabel
     )
             throws IOException, PwmUnrecoverableException, PwmOperationalException
     {
         File backupDirectory = null;
         int backupRotations = 0;
-        if ( pwmApplication != null )
+        if ( pwmDomain != null )
         {
-            final Configuration configuration = new Configuration( storedConfiguration );
-            final String backupDirSetting = configuration.readAppProperty( AppProperty.BACKUP_LOCATION );
+            final DomainConfig domainConfig = new DomainConfig( storedConfiguration );
+            final String backupDirSetting = domainConfig.readAppProperty( AppProperty.BACKUP_LOCATION );
             if ( backupDirSetting != null && backupDirSetting.length() > 0 )
             {
-                final File pwmPath = pwmApplication.getPwmEnvironment().getApplicationPath();
+                final File pwmPath = pwmDomain.getPwmEnvironment().getApplicationPath();
                 backupDirectory = FileSystemUtility.figureFilepath( backupDirSetting, pwmPath );
             }
-            backupRotations = Integer.parseInt( configuration.readAppProperty( AppProperty.BACKUP_CONFIG_COUNT ) );
+            backupRotations = Integer.parseInt( domainConfig.readAppProperty( AppProperty.BACKUP_CONFIG_COUNT ) );
         }
 
 
@@ -243,14 +243,14 @@ public class ConfigurationReader
             }
         }
 
-        if ( pwmApplication != null && pwmApplication.getAuditManager() != null )
+        if ( pwmDomain != null && pwmDomain.getAuditManager() != null )
         {
-            auditModifiedSettings( pwmApplication, storedConfiguration, sessionLabel );
+            auditModifiedSettings( pwmDomain, storedConfiguration, sessionLabel );
         }
 
         try
         {
-            outputConfigurationFile( storedConfiguration, pwmApplication, sessionLabel, backupRotations, backupDirectory );
+            outputConfigurationFile( storedConfiguration, pwmDomain, sessionLabel, backupRotations, backupDirectory );
         }
         finally
         {
@@ -258,10 +258,10 @@ public class ConfigurationReader
         }
     }
 
-    private static void auditModifiedSettings( final PwmApplication pwmApplication, final StoredConfiguration newConfig, final SessionLabel sessionLabel )
+    private static void auditModifiedSettings( final PwmDomain pwmDomain, final StoredConfiguration newConfig, final SessionLabel sessionLabel )
             throws PwmUnrecoverableException
     {
-        final Set<StoredConfigItemKey> changedKeys = StoredConfigurationUtil.changedValues( newConfig, pwmApplication.getConfig().getStoredConfiguration() );
+        final Set<StoredConfigItemKey> changedKeys = StoredConfigurationUtil.changedValues( newConfig, pwmDomain.getConfig().getStoredConfiguration() );
 
         for ( final StoredConfigItemKey key : changedKeys )
         {
@@ -275,7 +275,7 @@ public class ConfigurationReader
                     final UserIdentity userIdentity = valueMetaData.map( ValueMetaData::getUserIdentity ).orElse( null );
                     final String modifyMessage = "configuration record '" + key.getLabel( PwmConstants.DEFAULT_LOCALE )
                             + "' has been modified, new value: " + storedValue.get().toDebugString( PwmConstants.DEFAULT_LOCALE );
-                    pwmApplication.getAuditManager().submit( sessionLabel, new AuditRecordFactory( pwmApplication ).createUserAuditRecord(
+                    pwmDomain.getAuditManager().submit( sessionLabel, new AuditRecordFactory( pwmDomain ).createUserAuditRecord(
                             AuditEvent.MODIFY_CONFIGURATION,
                             userIdentity,
                             sessionLabel,
@@ -288,7 +288,7 @@ public class ConfigurationReader
 
     private void outputConfigurationFile(
             final StoredConfiguration storedConfiguration,
-            final PwmApplication pwmApplication,
+            final PwmDomain pwmDomain,
             final SessionLabel sessionLabel,
             final int backupRotations,
             final File backupDirectory
@@ -306,10 +306,10 @@ public class ConfigurationReader
         }
 
         LOGGER.info( () -> "saved configuration", () -> TimeDuration.fromCurrent( saveFileStartTime ) );
-        if ( pwmApplication != null )
+        if ( pwmDomain != null )
         {
             final String actualChecksum = storedConfiguration.valueHash();
-            pwmApplication.writeAppAttribute( AppAttribute.CONFIG_HASH, actualChecksum );
+            pwmDomain.writeAppAttribute( AppAttribute.CONFIG_HASH, actualChecksum );
         }
 
         LOGGER.trace( () -> "renaming file " + tempWriteFile.getAbsolutePath() + " to " + configFile.getAbsolutePath() );

server/src/main/java/password/pwm/config/stored/StoredConfigItemKey.java

@@ -39,6 +39,8 @@ import java.util.stream.Collectors;
 
 public class StoredConfigItemKey implements Serializable
 {
+    private static final Comparator<StoredConfigItemKey> COMPARATOR = makeComparator();
+
     public enum RecordType
     {
         SETTING( "Setting" ),
@@ -277,10 +279,10 @@ public class StoredConfigItemKey implements Serializable
 
     public static Set<StoredConfigItemKey> filterBySettingSyntax( final PwmSettingSyntax pwmSettingSyntax, final Set<StoredConfigItemKey> input )
     {
-        return Collections.unmodifiableSet( filterByType( RecordType.SETTING, input )
+        return filterByType( RecordType.SETTING, input )
                 .stream()
                 .filter( ( k ) -> k.toPwmSetting().getSyntax() == pwmSettingSyntax )
-                .collect( Collectors.toSet() ) );
+                .collect( Collectors.toUnmodifiableSet() );
     }
 
     public static Set<StoredConfigItemKey> filterByType( final RecordType recordType, final Set<StoredConfigItemKey> input )
@@ -290,10 +292,17 @@ public class StoredConfigItemKey implements Serializable
             return Collections.emptySet();
         }
 
-        return Collections.unmodifiableSet( input.stream().filter( ( k ) -> k.isRecordType( recordType ) ).collect( Collectors.toSet() ) );
+        return input.stream()
+                .filter( ( k ) -> k.isRecordType( recordType ) )
+                .collect( Collectors.toUnmodifiableSet() );
     }
 
-    public static Comparator<StoredConfigItemKey> comparator( final Locale locale )
+    public static Comparator<StoredConfigItemKey> comparator()
+    {
+        return COMPARATOR;
+    }
+
+    private static Comparator<StoredConfigItemKey> makeComparator()
     {
         final Comparator<StoredConfigItemKey> typeComparator = Comparator.comparing(
                 StoredConfigItemKey::getRecordType,
@@ -316,7 +325,8 @@ public class StoredConfigItemKey implements Serializable
             }
         };
 
-        final Comparator<StoredConfigItemKey> profileComparator = Comparator.comparing( StoredConfigItemKey::getProfileID,
+        final Comparator<StoredConfigItemKey> profileComparator = Comparator.comparing(
+                StoredConfigItemKey::getProfileID,
                 Comparator.nullsLast( Comparator.naturalOrder() ) );
 
         return typeComparator
@@ -325,5 +335,4 @@ public class StoredConfigItemKey implements Serializable
                 .thenComparing( profileComparator );
     }
 
-
 }

server/src/main/java/password/pwm/config/stored/StoredConfigurationUtil.java

@@ -22,7 +22,7 @@ package password.pwm.config.stored;
 
 import password.pwm.PwmConstants;
 import password.pwm.bean.UserIdentity;
-import password.pwm.config.Configuration;
+import password.pwm.config.DomainConfig;
 import password.pwm.config.PwmSetting;
 import password.pwm.config.PwmSettingCategory;
 import password.pwm.config.PwmSettingSyntax;
@@ -317,7 +317,7 @@ public abstract class StoredConfigurationUtil
             return false;
         }
         final Optional<String> passwordHash = storedConfiguration.readConfigProperty( ConfigurationProperty.PASSWORD_HASH );
-        return passwordHash.isPresent() && BCrypt.testAnswer( password, passwordHash.get(), new Configuration( storedConfiguration ) );
+        return passwordHash.isPresent() && BCrypt.testAnswer( password, passwordHash.get(), new DomainConfig( storedConfiguration ) );
     }
 
     public static boolean hasPassword( final StoredConfiguration storedConfiguration )

server/src/main/java/password/pwm/config/value/data/FormConfiguration.java

@@ -24,7 +24,7 @@ import lombok.Builder;
 import lombok.Value;
 import password.pwm.AppProperty;
 import password.pwm.PwmConstants;
-import password.pwm.config.Configuration;
+import password.pwm.config.DomainConfig;
 import password.pwm.error.ErrorInformation;
 import password.pwm.error.PwmDataValidationException;
 import password.pwm.error.PwmError;
@@ -300,7 +300,7 @@ public class FormConfiguration implements Serializable
     }
 
 
-    public void checkValue( final Configuration config, final String value, final Locale locale )
+    public void checkValue( final DomainConfig config, final String value, final Locale locale )
             throws PwmDataValidationException, PwmUnrecoverableException
     {
 
@@ -428,7 +428,7 @@ public class FormConfiguration implements Serializable
      *
      * @return true if the email address is valid.
      */
-    public static boolean testEmailAddress( final Configuration config, final String address )
+    public static boolean testEmailAddress( final DomainConfig config, final String address )
     {
         final String patternStr;
         if ( config != null )
@@ -445,7 +445,7 @@ public class FormConfiguration implements Serializable
         return matcher.matches();
     }
 
-    public String displayValue( final String value, final Locale locale, final Configuration config )
+    public String displayValue( final String value, final Locale locale, final DomainConfig config )
     {
         if ( value == null )
         {

server/src/main/java/password/pwm/error/ErrorInformation.java

@@ -20,8 +20,8 @@
 
 package password.pwm.error;
 
-import password.pwm.PwmApplication;
-import password.pwm.config.Configuration;
+import password.pwm.PwmDomain;
+import password.pwm.config.DomainConfig;
 import password.pwm.http.PwmSession;
 
 import java.io.Serializable;
@@ -120,7 +120,7 @@ public class ErrorInformation implements Serializable
         return sb.toString();
     }
 
-    public String toUserStr( final PwmSession pwmSession, final PwmApplication pwmApplication )
+    public String toUserStr( final PwmSession pwmSession, final PwmDomain pwmDomain )
     {
 
         if ( userStrOverride != null )
@@ -128,12 +128,12 @@ public class ErrorInformation implements Serializable
             return userStrOverride;
         }
 
-        Configuration config = null;
+        DomainConfig config = null;
         Locale userLocale = null;
 
-        if ( pwmSession != null && pwmApplication.getConfig() != null )
+        if ( pwmSession != null && pwmDomain.getConfig() != null )
         {
-            config = pwmApplication.getConfig();
+            config = pwmDomain.getConfig();
         }
 
         if ( pwmSession != null )
@@ -144,7 +144,7 @@ public class ErrorInformation implements Serializable
         return toUserStr( userLocale, config );
     }
 
-    public String toUserStr( final Locale userLocale, final Configuration config )
+    public String toUserStr( final Locale userLocale, final DomainConfig config )
     {
         if ( userStrOverride != null )
         {

server/src/main/java/password/pwm/error/PwmError.java

@@ -21,7 +21,7 @@
 package password.pwm.error;
 
 import com.novell.ldapchai.exception.ChaiError;
-import password.pwm.config.Configuration;
+import password.pwm.config.DomainConfig;
 import password.pwm.util.i18n.LocaleHelper;
 import password.pwm.util.java.JavaHelper;
 
@@ -380,7 +380,7 @@ public enum PwmError
 
     }
 
-    public String getLocalizedMessage( final Locale locale, final Configuration config, final String... fieldValue )
+    public String getLocalizedMessage( final Locale locale, final DomainConfig config, final String... fieldValue )
     {
         return LocaleHelper.getLocalizedMessage( locale, this.getResourceKey(), config, password.pwm.i18n.Error.class, fieldValue );
     }

server/src/main/java/password/pwm/health/ApplianceStatusChecker.java

@@ -21,7 +21,7 @@
 package password.pwm.health;
 
 import org.apache.commons.io.FileUtils;
-import password.pwm.PwmApplication;
+import password.pwm.PwmDomain;
 import password.pwm.PwmEnvironment;
 import password.pwm.bean.SessionLabel;
 import password.pwm.error.ErrorInformation;
@@ -57,9 +57,9 @@ public class ApplianceStatusChecker implements HealthChecker
     }
 
     @Override
-    public List<HealthRecord> doHealthCheck( final PwmApplication pwmApplication )
+    public List<HealthRecord> doHealthCheck( final PwmDomain pwmDomain )
     {
-        final boolean isApplianceAvailable = pwmApplication.getPwmEnvironment().getFlags().contains( PwmEnvironment.ApplicationFlag.Appliance );
+        final boolean isApplianceAvailable = pwmDomain.getPwmEnvironment().getFlags().contains( PwmEnvironment.ApplicationFlag.Appliance );
 
         if ( !isApplianceAvailable )
         {
@@ -70,7 +70,7 @@ public class ApplianceStatusChecker implements HealthChecker
 
         try
         {
-            healthRecords.addAll( readApplianceHealthStatus( pwmApplication ) );
+            healthRecords.addAll( readApplianceHealthStatus( pwmDomain ) );
         }
         catch ( final Exception e )
         {
@@ -80,18 +80,18 @@ public class ApplianceStatusChecker implements HealthChecker
         return healthRecords;
     }
 
-    private List<HealthRecord> readApplianceHealthStatus( final PwmApplication pwmApplication ) throws IOException, PwmUnrecoverableException, PwmOperationalException
+    private List<HealthRecord> readApplianceHealthStatus( final PwmDomain pwmDomain ) throws IOException, PwmUnrecoverableException, PwmOperationalException
     {
         final List<HealthRecord> healthRecords = new ArrayList<>();
 
-        final String url = figureUrl( pwmApplication );
-        final Map<String, String> requestHeaders = Collections.singletonMap( "sspr-authorization-token", getApplianceAccessToken( pwmApplication ) );
+        final String url = figureUrl( pwmDomain );
+        final Map<String, String> requestHeaders = Collections.singletonMap( "sspr-authorization-token", getApplianceAccessToken( pwmDomain ) );
 
         final PwmHttpClientConfiguration pwmHttpClientConfiguration = PwmHttpClientConfiguration.builder()
                 .trustManagerType( PwmHttpClientConfiguration.TrustManagerType.promiscuous )
                 .build();
 
-        final PwmHttpClient pwmHttpClient = pwmApplication.getHttpClientService().getPwmHttpClient( pwmHttpClientConfiguration );
+        final PwmHttpClient pwmHttpClient = pwmDomain.getHttpClientService().getPwmHttpClient( pwmHttpClientConfiguration );
         final PwmHttpClientRequest pwmHttpClientRequest = PwmHttpClientRequest.builder()
                 .method( HttpMethod.GET )
                 .url( url )
@@ -127,9 +127,9 @@ public class ApplianceStatusChecker implements HealthChecker
 
     }
 
-    private String getApplianceAccessToken( final PwmApplication pwmApplication ) throws IOException, PwmOperationalException
+    private String getApplianceAccessToken( final PwmDomain pwmDomain ) throws IOException, PwmOperationalException
     {
-        final String tokenFile = pwmApplication.getPwmEnvironment().getParameters().get( PwmEnvironment.ApplicationParameter.ApplianceTokenFile );
+        final String tokenFile = pwmDomain.getPwmEnvironment().getParameters().get( PwmEnvironment.ApplicationParameter.ApplianceTokenFile );
         if ( StringUtil.isEmpty( tokenFile ) )
         {
             final String msg = "unable to determine appliance token, token file environment param "
@@ -144,9 +144,9 @@ public class ApplianceStatusChecker implements HealthChecker
         return "";
     }
 
-    private String figureUrl( final PwmApplication pwmApplication ) throws IOException, PwmOperationalException
+    private String figureUrl( final PwmDomain pwmDomain ) throws IOException, PwmOperationalException
     {
-        final String hostnameFile = pwmApplication.getPwmEnvironment().getParameters().get( PwmEnvironment.ApplicationParameter.ApplianceHostnameFile );
+        final String hostnameFile = pwmDomain.getPwmEnvironment().getParameters().get( PwmEnvironment.ApplicationParameter.ApplianceHostnameFile );
         if ( StringUtil.isEmpty( hostnameFile ) )
         {
             final String msg = "unable to determine appliance hostname, hostname file environment param "
@@ -155,7 +155,7 @@ public class ApplianceStatusChecker implements HealthChecker
         }
 
         final String hostname = readFileContents( hostnameFile );
-        final String port = pwmApplication.getPwmEnvironment().getParameters().get( PwmEnvironment.ApplicationParameter.AppliancePort );
+        final String port = pwmDomain.getPwmEnvironment().getParameters().get( PwmEnvironment.ApplicationParameter.AppliancePort );
 
         final String url = "https://" + hostname + ":" + port + "/sspr/appliance-update-status";
         LOGGER.trace( SessionLabel.HEALTH_SESSION_LABEL, () -> "calculated appliance host url as: " + url );

server/src/main/java/password/pwm/health/CertificateChecker.java

@@ -21,9 +21,9 @@
 package password.pwm.health;
 
 import password.pwm.AppProperty;
-import password.pwm.PwmApplication;
+import password.pwm.PwmDomain;
 import password.pwm.PwmConstants;
-import password.pwm.config.Configuration;
+import password.pwm.config.DomainConfig;
 import password.pwm.config.PwmSetting;
 import password.pwm.config.PwmSettingSyntax;
 import password.pwm.config.profile.LdapProfile;
@@ -53,12 +53,12 @@ public class CertificateChecker implements HealthChecker
     private static final PwmLogger LOGGER = PwmLogger.forClass( CertificateChecker.class );
 
     @Override
-    public List<HealthRecord> doHealthCheck( final PwmApplication pwmApplication )
+    public List<HealthRecord> doHealthCheck( final PwmDomain pwmDomain )
     {
-        final List<HealthRecord> records = new ArrayList<>( doHealthCheck( pwmApplication.getConfig() ) );
+        final List<HealthRecord> records = new ArrayList<>( doHealthCheck( pwmDomain.getConfig() ) );
         try
         {
-            records.addAll( doActionHealthCheck( pwmApplication.getConfig() ) );
+            records.addAll( doActionHealthCheck( pwmDomain.getConfig() ) );
         }
         catch ( final PwmUnrecoverableException e )
         {
@@ -67,7 +67,7 @@ public class CertificateChecker implements HealthChecker
         return records;
     }
 
-    private static List<HealthRecord> doHealthCheck( final Configuration configuration )
+    private static List<HealthRecord> doHealthCheck( final DomainConfig domainConfig )
     {
         final List<HealthRecord> returnList = new ArrayList<>();
         for ( final PwmSetting setting : PwmSetting.values() )
@@ -76,23 +76,23 @@ public class CertificateChecker implements HealthChecker
             {
                 if ( setting != PwmSetting.LDAP_SERVER_CERTS )
                 {
-                    final List<X509Certificate> certs = configuration.readSettingAsCertificate( setting );
-                    returnList.addAll( doHealthCheck( configuration, setting, null, certs ) );
+                    final List<X509Certificate> certs = domainConfig.readSettingAsCertificate( setting );
+                    returnList.addAll( doHealthCheck( domainConfig, setting, null, certs ) );
                 }
             }
         }
-        for ( final LdapProfile ldapProfile : configuration.getLdapProfiles().values() )
+        for ( final LdapProfile ldapProfile : domainConfig.getLdapProfiles().values() )
         {
-            final List<X509Certificate> certificates = configuration.getLdapProfiles().get( ldapProfile.getIdentifier() ).readSettingAsCertificate( PwmSetting.LDAP_SERVER_CERTS );
-            returnList.addAll( doHealthCheck( configuration, PwmSetting.LDAP_SERVER_CERTS, ldapProfile.getIdentifier(), certificates ) );
+            final List<X509Certificate> certificates = domainConfig.getLdapProfiles().get( ldapProfile.getIdentifier() ).readSettingAsCertificate( PwmSetting.LDAP_SERVER_CERTS );
+            returnList.addAll( doHealthCheck( domainConfig, PwmSetting.LDAP_SERVER_CERTS, ldapProfile.getIdentifier(), certificates ) );
         }
         return Collections.unmodifiableList( returnList );
     }
 
-    private static List<HealthRecord> doActionHealthCheck( final Configuration configuration ) throws PwmUnrecoverableException
+    private static List<HealthRecord> doActionHealthCheck( final DomainConfig domainConfig ) throws PwmUnrecoverableException
     {
 
-        final StoredConfiguration storedConfiguration = configuration.getStoredConfiguration();
+        final StoredConfiguration storedConfiguration = domainConfig.getStoredConfiguration();
 
         final List<HealthRecord> returnList = new ArrayList<>();
         final Set<StoredConfigItemKey> modifiedReferences = storedConfiguration.modifiedItems();
@@ -111,7 +111,7 @@ public class CertificateChecker implements HealthChecker
                             for ( final ActionConfiguration.WebAction webAction : actionConfiguration.getWebActions() )
                             {
                                 final List<X509Certificate> certificates = webAction.getCertificates();
-                                returnList.addAll( doHealthCheck( configuration, pwmSetting, storedConfigItemKey.getProfileID(), certificates ) );
+                                returnList.addAll( doHealthCheck( domainConfig, pwmSetting, storedConfigItemKey.getProfileID(), certificates ) );
                             }
                         }
                     }
@@ -123,13 +123,13 @@ public class CertificateChecker implements HealthChecker
     }
 
     private static List<HealthRecord> doHealthCheck(
-            final Configuration configuration,
+            final DomainConfig domainConfig,
             final PwmSetting setting,
             final String profileID,
             final List<X509Certificate> certificates
     )
     {
-        final long warnDurationMs = 1000 * Long.parseLong( configuration.readAppProperty( AppProperty.HEALTH_CERTIFICATE_WARN_SECONDS ) );
+        final long warnDurationMs = 1000 * Long.parseLong( domainConfig.readAppProperty( AppProperty.HEALTH_CERTIFICATE_WARN_SECONDS ) );
 
         if ( certificates != null )
         {

server/src/main/java/password/pwm/health/ConfigurationChecker.java

@@ -21,10 +21,10 @@
 package password.pwm.health;
 
 import password.pwm.AppProperty;
-import password.pwm.PwmApplication;
+import password.pwm.PwmDomain;
 import password.pwm.PwmApplicationMode;
 import password.pwm.PwmConstants;
-import password.pwm.config.Configuration;
+import password.pwm.config.DomainConfig;
 import password.pwm.config.PwmSetting;
 import password.pwm.config.PwmSettingSyntax;
 import password.pwm.config.option.DataStorageMethod;
@@ -68,18 +68,18 @@ public class ConfigurationChecker implements HealthChecker
     private static final PwmLogger LOGGER = PwmLogger.forClass( ConfigurationChecker.class );
 
     @Override
-    public List<HealthRecord> doHealthCheck( final PwmApplication pwmApplication )
+    public List<HealthRecord> doHealthCheck( final PwmDomain pwmDomain )
     {
-        if ( pwmApplication.getConfig() == null )
+        if ( pwmDomain.getConfig() == null )
         {
             return Collections.emptyList();
         }
 
-        final Configuration config = pwmApplication.getConfig();
+        final DomainConfig config = pwmDomain.getConfig();
 
         final List<HealthRecord> records = new ArrayList<>();
 
-        if ( pwmApplication.getApplicationMode() == PwmApplicationMode.CONFIGURATION )
+        if ( pwmDomain.getApplicationMode() == PwmApplicationMode.CONFIGURATION )
         {
             records.add( HealthRecord.forMessage( HealthMessage.Config_ConfigMode ) );
         }
@@ -90,7 +90,7 @@ public class ConfigurationChecker implements HealthChecker
             {
                 try
                 {
-                    newUserProfile.getNewUserPasswordPolicy( pwmApplication, PwmConstants.DEFAULT_LOCALE );
+                    newUserProfile.getNewUserPasswordPolicy( pwmDomain, PwmConstants.DEFAULT_LOCALE );
                 }
                 catch ( final PwmUnrecoverableException e )
                 {
@@ -107,7 +107,7 @@ public class ConfigurationChecker implements HealthChecker
         return Collections.unmodifiableList( records );
     }
 
-    public List<HealthRecord> doHealthCheck( final Configuration config, final Locale locale )
+    public List<HealthRecord> doHealthCheck( final DomainConfig config, final Locale locale )
     {
         if ( config.readSettingAsBoolean( PwmSetting.HIDE_CONFIGURATION_HEALTH_WARNINGS ) )
         {
@@ -119,7 +119,7 @@ public class ConfigurationChecker implements HealthChecker
 
 
     private List<HealthRecord> allChecks(
-            final Configuration config,
+            final DomainConfig config,
             final Locale locale
     )
     {
@@ -156,7 +156,7 @@ public class ConfigurationChecker implements HealthChecker
     static class VerifyBasicConfigs implements ConfigHealthCheck
     {
         @Override
-        public List<HealthRecord> healthCheck( final Configuration config, final Locale locale )
+        public List<HealthRecord> healthCheck( final DomainConfig config, final Locale locale )
         {
             final List<HealthRecord> records = new ArrayList<>();
             final String siteUrl = config.readSettingAsString( PwmSetting.PWM_SITE_URL );
@@ -241,7 +241,7 @@ public class ConfigurationChecker implements HealthChecker
     static class VerifyPasswordStrengthLevels implements ConfigHealthCheck
     {
         @Override
-        public List<HealthRecord> healthCheck( final Configuration config, final Locale locale )
+        public List<HealthRecord> healthCheck( final DomainConfig config, final Locale locale )
         {
             final List<HealthRecord> records = new ArrayList<>();
 
@@ -287,7 +287,7 @@ public class ConfigurationChecker implements HealthChecker
     {
         @Override
         public List<HealthRecord> healthCheck(
-                final Configuration config,
+                final DomainConfig config,
                 final Locale locale
         )
         {
@@ -322,7 +322,7 @@ public class ConfigurationChecker implements HealthChecker
     static class VerifyDbConfiguredIfNeeded implements ConfigHealthCheck
     {
         @Override
-        public List<HealthRecord> healthCheck( final Configuration config, final Locale locale )
+        public List<HealthRecord> healthCheck( final DomainConfig config, final Locale locale )
         {
             final List<HealthRecord> records = new ArrayList<>();
             if ( !config.hasDbConfigured() )
@@ -377,7 +377,7 @@ public class ConfigurationChecker implements HealthChecker
     static class VerifyPasswordPolicyConfigs implements ConfigHealthCheck
     {
         @Override
-        public List<HealthRecord> healthCheck( final Configuration config, final Locale locale )
+        public List<HealthRecord> healthCheck( final DomainConfig config, final Locale locale )
         {
             final List<HealthRecord> records = new ArrayList<>();
             for ( final String profileID : config.getPasswordProfileIDs() )
@@ -399,7 +399,7 @@ public class ConfigurationChecker implements HealthChecker
     static class VerifyNewUserLdapProfile implements ConfigHealthCheck
     {
         @Override
-        public List<HealthRecord> healthCheck( final Configuration config, final Locale locale )
+        public List<HealthRecord> healthCheck( final DomainConfig config, final Locale locale )
         {
             final List<HealthRecord> records = new ArrayList<>();
             for ( final NewUserProfile newUserProfile : config.getNewUserProfiles().values() )
@@ -424,7 +424,7 @@ public class ConfigurationChecker implements HealthChecker
     static class VerifyIfDeprecatedJsFormOptionUsed implements ConfigHealthCheck
     {
         @Override
-        public List<HealthRecord> healthCheck( final Configuration config, final Locale locale )
+        public List<HealthRecord> healthCheck( final DomainConfig config, final Locale locale )
         {
             final List<HealthRecord> records = new ArrayList<>();
 
@@ -478,7 +478,7 @@ public class ConfigurationChecker implements HealthChecker
     static class VerifyIfDeprecatedSendMethodValuesUsed implements ConfigHealthCheck
     {
         @Override
-        public List<HealthRecord> healthCheck( final Configuration config, final Locale locale )
+        public List<HealthRecord> healthCheck( final DomainConfig config, final Locale locale )
         {
             final Set<MessageSendMethod> deprecatedMethods = Arrays
                     .stream( MessageSendMethod.values() )
@@ -556,7 +556,7 @@ public class ConfigurationChecker implements HealthChecker
     static class VerifyPasswordWaitTimes implements ConfigHealthCheck
     {
         @Override
-        public List<HealthRecord> healthCheck( final Configuration config, final Locale locale )
+        public List<HealthRecord> healthCheck( final DomainConfig config, final Locale locale )
         {
             final List<HealthRecord> records = new ArrayList<>();
 
@@ -587,7 +587,7 @@ public class ConfigurationChecker implements HealthChecker
     static class VerifyUserPermissionSettings implements ConfigHealthCheck
     {
         @Override
-        public List<HealthRecord> healthCheck( final Configuration config, final Locale locale )
+        public List<HealthRecord> healthCheck( final DomainConfig config, final Locale locale )
         {
             final List<HealthRecord> records = new ArrayList<>();
 
@@ -621,13 +621,13 @@ public class ConfigurationChecker implements HealthChecker
         }
 
         private static List<HealthRecord> checkLdapProfile(
-                final Configuration configuration,
+                final DomainConfig domainConfig,
                 final StoredConfigItemKey storedConfigItemKey,
                 final Locale locale,
                 final UserPermission permission
         )
         {
-            final List<LdapProfile> ldapProfiles = ldapProfilesForLdapProfileSetting( configuration, permission.getLdapProfileID() );
+            final List<LdapProfile> ldapProfiles = ldapProfilesForLdapProfileSetting( domainConfig, permission.getLdapProfileID() );
             if ( ldapProfiles.isEmpty()  )
             {
                 final PwmSetting pwmSetting = storedConfigItemKey.toPwmSetting();
@@ -640,16 +640,16 @@ public class ConfigurationChecker implements HealthChecker
             return Collections.emptyList();
         }
 
-        public static List<LdapProfile> ldapProfilesForLdapProfileSetting( final Configuration configuration, final String profileID )
+        public static List<LdapProfile> ldapProfilesForLdapProfileSetting( final DomainConfig domainConfig, final String profileID )
         {
             if ( UserPermissionUtility.isAllProfiles( profileID ) )
             {
-                return Collections.unmodifiableList( new ArrayList<>( configuration.getLdapProfiles().values() ) );
+                return Collections.unmodifiableList( new ArrayList<>( domainConfig.getLdapProfiles().values() ) );
             }
 
-            if ( configuration.getLdapProfiles().containsKey( profileID ) )
+            if ( domainConfig.getLdapProfiles().containsKey( profileID ) )
             {
-                return Collections.singletonList( configuration.getLdapProfiles().get( profileID ) );
+                return Collections.singletonList( domainConfig.getLdapProfiles().get( profileID ) );
             }
 
             return Collections.emptyList();
@@ -659,7 +659,7 @@ public class ConfigurationChecker implements HealthChecker
     interface ConfigHealthCheck
     {
         List<HealthRecord> healthCheck(
-                Configuration configuration,
+                DomainConfig domainConfig,
                 Locale locale );
     }
 }

server/src/main/java/password/pwm/health/DatabaseStatusChecker.java

@@ -20,9 +20,9 @@
 
 package password.pwm.health;
 
-import password.pwm.PwmApplication;
+import password.pwm.PwmDomain;
 import password.pwm.PwmEnvironment;
-import password.pwm.config.Configuration;
+import password.pwm.config.DomainConfig;
 import password.pwm.error.PwmException;
 import password.pwm.util.db.DatabaseAccessor;
 import password.pwm.util.db.DatabaseTable;
@@ -36,17 +36,17 @@ public class DatabaseStatusChecker implements HealthChecker
     private static final PwmLogger LOGGER = PwmLogger.forClass( DatabaseStatusChecker.class );
 
     @Override
-    public List<HealthRecord> doHealthCheck( final PwmApplication pwmApplication )
+    public List<HealthRecord> doHealthCheck( final PwmDomain pwmDomain )
     {
         return Collections.emptyList();
     }
 
-    public static List<HealthRecord> checkNewDatabaseStatus( final PwmApplication pwmApplication, final Configuration config )
+    public static List<HealthRecord> checkNewDatabaseStatus( final PwmDomain pwmDomain, final DomainConfig config )
     {
-        return checkDatabaseStatus( pwmApplication, config );
+        return checkDatabaseStatus( pwmDomain, config );
     }
 
-    private static List<HealthRecord> checkDatabaseStatus( final PwmApplication pwmApplication, final Configuration config )
+    private static List<HealthRecord> checkDatabaseStatus( final PwmDomain pwmDomain, final DomainConfig config )
     {
         if ( !config.hasDbConfigured() )
         {
@@ -54,11 +54,11 @@ public class DatabaseStatusChecker implements HealthChecker
                             "Database not configured" ) );
         }
 
-        PwmApplication runtimeInstance = null;
+        PwmDomain runtimeInstance = null;
         try
         {
-            final PwmEnvironment runtimeEnvironment = pwmApplication.getPwmEnvironment().makeRuntimeInstance( config );
-            runtimeInstance = PwmApplication.createPwmApplication( runtimeEnvironment );
+            final PwmEnvironment runtimeEnvironment = pwmDomain.getPwmEnvironment().makeRuntimeInstance( config );
+            runtimeInstance = PwmDomain.createPwmApplication( runtimeEnvironment );
             final DatabaseAccessor accessor = runtimeInstance.getDatabaseService().getAccessor();
             accessor.get( DatabaseTable.PWM_META, "test" );
             return runtimeInstance.getDatabaseService().healthCheck();

server/src/main/java/password/pwm/health/HealthChecker.java

@@ -20,11 +20,11 @@
 
 package password.pwm.health;
 
-import password.pwm.PwmApplication;
+import password.pwm.PwmDomain;
 
 import java.util.List;
 
 public interface HealthChecker
 {
-    List<HealthRecord> doHealthCheck( PwmApplication pwmApplication );
+    List<HealthRecord> doHealthCheck( PwmDomain pwmDomain );
 }

server/src/main/java/password/pwm/health/HealthMessage.java

@@ -20,6 +20,7 @@
 
 package password.pwm.health;
 
+import password.pwm.config.DomainConfig;
 import password.pwm.i18n.Health;
 import password.pwm.util.i18n.LocaleHelper;
 
@@ -140,7 +141,7 @@ public enum HealthMessage
 
     public String getDescription(
             final Locale locale,
-            final password.pwm.config.Configuration config,
+            final DomainConfig config,
             final String[] fields )
     {
         return LocaleHelper.getLocalizedMessage( locale, this.getKey(), config, Health.class, fields );

server/src/main/java/password/pwm/health/HealthMonitor.java

@@ -22,7 +22,7 @@ package password.pwm.health;
 
 import lombok.Value;
 import password.pwm.AppProperty;
-import password.pwm.PwmApplication;
+import password.pwm.PwmDomain;
 import password.pwm.bean.SessionLabel;
 import password.pwm.error.PwmException;
 import password.pwm.error.PwmUnrecoverableException;
@@ -86,7 +86,7 @@ public class HealthMonitor implements PwmService
     private final AtomicInteger healthCheckCount = new AtomicInteger( 0 );
 
     private STATUS status = STATUS.CLOSED;
-    private PwmApplication pwmApplication;
+    private PwmDomain pwmDomain;
     private volatile HealthData healthData = emptyHealthData();
 
     enum HealthMonitorFlag
@@ -100,30 +100,30 @@ public class HealthMonitor implements PwmService
     }
 
     @Override
-    public void init( final PwmApplication pwmApplication ) throws PwmException
+    public void init( final PwmDomain pwmDomain ) throws PwmException
     {
-        this.pwmApplication = pwmApplication;
+        this.pwmDomain = pwmDomain;
         this.healthData = emptyHealthData();
-        settings = HealthMonitorSettings.fromConfiguration( pwmApplication.getConfig() );
+        settings = HealthMonitorSettings.fromConfiguration( pwmDomain.getConfig() );
 
-        if ( !Boolean.parseBoolean( pwmApplication.getConfig().readAppProperty( AppProperty.HEALTHCHECK_ENABLED ) ) )
+        if ( !Boolean.parseBoolean( pwmDomain.getConfig().readAppProperty( AppProperty.HEALTHCHECK_ENABLED ) ) )
         {
             LOGGER.debug( () -> "health monitor will remain inactive due to AppProperty " + AppProperty.HEALTHCHECK_ENABLED.getKey() );
             status = STATUS.CLOSED;
             return;
         }
 
-        executorService = PwmScheduler.makeBackgroundExecutor( pwmApplication, this.getClass() );
-        supportZipWriterService = PwmScheduler.makeBackgroundExecutor( pwmApplication, this.getClass() );
+        executorService = PwmScheduler.makeBackgroundExecutor( pwmDomain, this.getClass() );
+        supportZipWriterService = PwmScheduler.makeBackgroundExecutor( pwmDomain, this.getClass() );
         scheduleNextZipOutput();
 
         {
-            final int threadDumpIntervalSeconds = JavaHelper.silentParseInt( pwmApplication.getConfig().readAppProperty(
+            final int threadDumpIntervalSeconds = JavaHelper.silentParseInt( pwmDomain.getConfig().readAppProperty(
                     AppProperty.LOGGING_EXTRA_PERIODIC_THREAD_DUMP_INTERVAL ), 0 );
             if ( threadDumpIntervalSeconds > 0 )
             {
                 final TimeDuration interval =  TimeDuration.of( threadDumpIntervalSeconds, TimeDuration.Unit.SECONDS );
-                pwmApplication.getPwmScheduler().scheduleFixedRateJob( new ThreadDumpLogger(), executorService, TimeDuration.SECOND, interval );
+                pwmDomain.getPwmScheduler().scheduleFixedRateJob( new ThreadDumpLogger(), executorService, TimeDuration.SECOND, interval );
             }
         }
 
@@ -179,12 +179,12 @@ public class HealthMonitor implements PwmService
         {
             final Instant startTime = Instant.now();
             LOGGER.trace( () ->  "begin force immediate check" );
-            final Future future = pwmApplication.getPwmScheduler().scheduleJob( new ImmediateJob(), executorService, TimeDuration.ZERO );
+            final Future future = pwmDomain.getPwmScheduler().scheduleJob( new ImmediateJob(), executorService, TimeDuration.ZERO );
             settings.getMaximumForceCheckWait().pause( future::isDone );
             LOGGER.trace( () ->  "exit force immediate check, done=" + future.isDone(), () -> TimeDuration.fromCurrent( startTime ) );
         }
 
-        pwmApplication.getPwmScheduler().scheduleJob( new UpdateJob(), executorService, settings.getNominalCheckInterval() );
+        pwmDomain.getPwmScheduler().scheduleJob( new UpdateJob(), executorService, settings.getNominalCheckInterval() );
 
         {
             final HealthData localHealthData = this.healthData;
@@ -239,7 +239,7 @@ public class HealthMonitor implements PwmService
         {
             try
             {
-                final List<HealthRecord> loopResults = loopChecker.doHealthCheck( pwmApplication );
+                final List<HealthRecord> loopResults = loopChecker.doHealthCheck( pwmDomain );
                 if ( loopResults != null )
                 {
                     tempResults.addAll( loopResults );
@@ -253,7 +253,7 @@ public class HealthMonitor implements PwmService
                 }
             }
         }
-        for ( final PwmService service : pwmApplication.getPwmServices() )
+        for ( final PwmService service : pwmDomain.getPwmServices() )
         {
             try
             {
@@ -336,21 +336,21 @@ public class HealthMonitor implements PwmService
 
     private void scheduleNextZipOutput()
     {
-        final int intervalSeconds = JavaHelper.silentParseInt( pwmApplication.getConfig().readAppProperty( AppProperty.HEALTH_SUPPORT_BUNDLE_WRITE_INTERVAL_SECONDS ), 0 );
+        final int intervalSeconds = JavaHelper.silentParseInt( pwmDomain.getConfig().readAppProperty( AppProperty.HEALTH_SUPPORT_BUNDLE_WRITE_INTERVAL_SECONDS ), 0 );
         if ( intervalSeconds > 0 )
         {
             final TimeDuration intervalDuration = TimeDuration.of( intervalSeconds, TimeDuration.Unit.SECONDS );
-            pwmApplication.getPwmScheduler().scheduleJob( new SupportZipFileWriter( pwmApplication ), supportZipWriterService, intervalDuration );
+            pwmDomain.getPwmScheduler().scheduleJob( new SupportZipFileWriter( pwmDomain ), supportZipWriterService, intervalDuration );
         }
     }
 
     private class SupportZipFileWriter implements Runnable
     {
-        private final PwmApplication pwmApplication;
+        private final PwmDomain pwmDomain;
 
-        SupportZipFileWriter( final PwmApplication pwmApplication )
+        SupportZipFileWriter( final PwmDomain pwmDomain )
         {
-            this.pwmApplication = pwmApplication;
+            this.pwmDomain = pwmDomain;
         }
 
         @Override
@@ -371,14 +371,14 @@ public class HealthMonitor implements PwmService
         private void writeSupportZipToAppPath()
                 throws IOException, PwmUnrecoverableException
         {
-            final File appPath = pwmApplication.getPwmEnvironment().getApplicationPath();
+            final File appPath = pwmDomain.getPwmEnvironment().getApplicationPath();
             if ( !appPath.exists() )
             {
                 return;
             }
 
-            final int rotationCount = JavaHelper.silentParseInt( pwmApplication.getConfig().readAppProperty( AppProperty.HEALTH_SUPPORT_BUNDLE_FILE_WRITE_COUNT ), 10 );
-            final DebugItemGenerator debugItemGenerator = new DebugItemGenerator( pwmApplication, SessionLabel.HEALTH_SESSION_LABEL );
+            final int rotationCount = JavaHelper.silentParseInt( pwmDomain.getConfig().readAppProperty( AppProperty.HEALTH_SUPPORT_BUNDLE_FILE_WRITE_COUNT ), 10 );
+            final DebugItemGenerator debugItemGenerator = new DebugItemGenerator( pwmDomain, SessionLabel.HEALTH_SESSION_LABEL );
 
             final File supportPath = new File( appPath.getPath() + File.separator + "support" );
 

server/src/main/java/password/pwm/health/HealthMonitorSettings.java

@@ -23,7 +23,7 @@ package password.pwm.health;
 import lombok.Builder;
 import lombok.Value;
 import password.pwm.AppProperty;
-import password.pwm.config.Configuration;
+import password.pwm.config.DomainConfig;
 import password.pwm.util.java.TimeDuration;
 
 import java.io.Serializable;
@@ -37,7 +37,7 @@ class HealthMonitorSettings implements Serializable
     private TimeDuration maximumRecordAge;
     private TimeDuration maximumForceCheckWait;
 
-    static HealthMonitorSettings fromConfiguration( final Configuration config )
+    static HealthMonitorSettings fromConfiguration( final DomainConfig config )
     {
         return HealthMonitorSettings.builder()
                 .nominalCheckInterval( TimeDuration.of( Long.parseLong( config.readAppProperty( AppProperty.HEALTHCHECK_NOMINAL_CHECK_INTERVAL ) ), TimeDuration.Unit.SECONDS ) )

server/src/main/java/password/pwm/health/HealthRecord.java

@@ -22,7 +22,7 @@ package password.pwm.health;
 
 import lombok.EqualsAndHashCode;
 import org.jetbrains.annotations.NotNull;
-import password.pwm.config.Configuration;
+import password.pwm.config.DomainConfig;
 import password.pwm.ws.server.rest.bean.HealthData;
 
 import java.io.Serializable;
@@ -88,7 +88,7 @@ public class HealthRecord implements Serializable, Comparable<HealthRecord>
         return status;
     }
 
-    public String getTopic( final Locale locale, final Configuration config )
+    public String getTopic( final Locale locale, final DomainConfig config )
     {
         if ( topic != null )
         {
@@ -97,7 +97,7 @@ public class HealthRecord implements Serializable, Comparable<HealthRecord>
         return "";
     }
 
-    public String getDetail( final Locale locale, final Configuration config )
+    public String getDetail( final Locale locale, final DomainConfig config )
     {
         if ( message != null )
         {
@@ -106,7 +106,7 @@ public class HealthRecord implements Serializable, Comparable<HealthRecord>
         return "";
     }
 
-    public String toDebugString( final Locale locale, final Configuration config )
+    public String toDebugString( final Locale locale, final DomainConfig config )
     {
         return HealthRecord.class.getSimpleName() + " " + status.getDescription( locale, config ) + " " + this.getTopic(
                 locale, config ) + " " + this.getDetail( locale, config );
@@ -124,13 +124,13 @@ public class HealthRecord implements Serializable, Comparable<HealthRecord>
     }
 
     public static HealthData asHealthDataBean(
-            final Configuration configuration,
+            final DomainConfig domainConfig,
             final Locale locale,
             final List<HealthRecord> profileRecords
     )
     {
         final List<password.pwm.ws.server.rest.bean.HealthRecord> healthRecordBeans = password.pwm.ws.server.rest.bean.HealthRecord.fromHealthRecords(
-                profileRecords, locale, configuration );
+                profileRecords, locale, domainConfig );
         return HealthData.builder()
                 .timestamp( Instant.now() )
                 .overall( HealthMonitor.getMostSevereHealthStatus( profileRecords ).toString() )

server/src/main/java/password/pwm/health/HealthStatus.java

@@ -20,6 +20,7 @@
 
 package password.pwm.health;
 
+import password.pwm.config.DomainConfig;
 import password.pwm.i18n.Health;
 import password.pwm.util.i18n.LocaleHelper;
 import password.pwm.util.java.JavaHelper;
@@ -43,7 +44,7 @@ public enum HealthStatus
         return HealthStatus.class.getSimpleName() + "_" + this.toString();
     }
 
-    public String getDescription( final Locale locale, final password.pwm.config.Configuration config )
+    public String getDescription( final Locale locale, final DomainConfig config )
     {
         return LocaleHelper.getLocalizedMessage( locale, this.getKey(), config, Health.class );
     }

server/src/main/java/password/pwm/health/HealthTopic.java

@@ -20,6 +20,7 @@
 
 package password.pwm.health;
 
+import password.pwm.config.DomainConfig;
 import password.pwm.i18n.Health;
 import password.pwm.util.i18n.LocaleHelper;
 
@@ -45,7 +46,7 @@ public enum HealthTopic
         return HealthTopic.class.getSimpleName() + "_" + this.toString();
     }
 
-    public String getDescription( final Locale locale, final password.pwm.config.Configuration config )
+    public String getDescription( final Locale locale, final DomainConfig config )
     {
         return LocaleHelper.getLocalizedMessage( locale, this.getKey(), config, Health.class );
     }

server/src/main/java/password/pwm/health/JavaChecker.java

@@ -21,7 +21,7 @@
 package password.pwm.health;
 
 import password.pwm.AppProperty;
-import password.pwm.PwmApplication;
+import password.pwm.PwmDomain;
 
 import java.util.ArrayList;
 import java.util.List;
@@ -29,17 +29,17 @@ import java.util.List;
 public class JavaChecker implements HealthChecker
 {
     @Override
-    public List<HealthRecord> doHealthCheck( final PwmApplication pwmApplication )
+    public List<HealthRecord> doHealthCheck( final PwmDomain pwmDomain )
     {
         final List<HealthRecord> records = new ArrayList<>();
 
-        final int maxActiveThreads = Integer.parseInt( pwmApplication.getConfig().readAppProperty( AppProperty.HEALTH_JAVA_MAX_THREADS ) );
+        final int maxActiveThreads = Integer.parseInt( pwmDomain.getConfig().readAppProperty( AppProperty.HEALTH_JAVA_MAX_THREADS ) );
         if ( Thread.activeCount() > maxActiveThreads )
         {
             records.add( HealthRecord.forMessage( HealthMessage.Java_HighThreads ) );
         }
 
-        final long minMemory = Long.parseLong( pwmApplication.getConfig().readAppProperty( AppProperty.HEALTH_JAVA_MIN_HEAP_BYTES ) );
+        final long minMemory = Long.parseLong( pwmDomain.getConfig().readAppProperty( AppProperty.HEALTH_JAVA_MIN_HEAP_BYTES ) );
         if ( Runtime.getRuntime().maxMemory() <= minMemory )
         {
             records.add( HealthRecord.forMessage( HealthMessage.Java_SmallHeap ) );

server/src/main/java/password/pwm/health/LDAPHealthChecker.java

@@ -32,12 +32,12 @@ import com.novell.ldapchai.provider.ChaiSetting;
 import com.novell.ldapchai.provider.DirectoryVendor;
 import com.novell.ldapchai.util.ChaiUtility;
 import password.pwm.AppProperty;
-import password.pwm.PwmApplication;
+import password.pwm.PwmDomain;
 import password.pwm.PwmConstants;
 import password.pwm.bean.PasswordStatus;
 import password.pwm.bean.SessionLabel;
 import password.pwm.bean.UserIdentity;
-import password.pwm.config.Configuration;
+import password.pwm.config.DomainConfig;
 import password.pwm.config.PwmSetting;
 import password.pwm.config.PwmSettingCategory;
 import password.pwm.config.PwmSettingFlag;
@@ -86,41 +86,41 @@ public class LDAPHealthChecker implements HealthChecker
     private static final PwmLogger LOGGER = PwmLogger.forClass( LDAPHealthChecker.class );
 
     @Override
-    public List<HealthRecord> doHealthCheck( final PwmApplication pwmApplication )
+    public List<HealthRecord> doHealthCheck( final PwmDomain pwmDomain )
     {
-        final Configuration config = pwmApplication.getConfig();
+        final DomainConfig config = pwmDomain.getConfig();
         final List<HealthRecord> returnRecords = new ArrayList<>();
-        final Map<String, LdapProfile> ldapProfiles = pwmApplication.getConfig().getLdapProfiles();
+        final Map<String, LdapProfile> ldapProfiles = pwmDomain.getConfig().getLdapProfiles();
 
         for ( final Map.Entry<String, LdapProfile> entry : ldapProfiles.entrySet() )
         {
             final String profileID = entry.getKey();
             final List<HealthRecord> profileRecords = new ArrayList<>(
-                    checkBasicLdapConnectivity( pwmApplication, config, entry.getValue(), true )
+                    checkBasicLdapConnectivity( pwmDomain, config, entry.getValue(), true )
             );
 
             if ( profileRecords.isEmpty() )
             {
-                profileRecords.addAll( checkLdapServerUrls( pwmApplication, config, ldapProfiles.get( profileID ) ) );
+                profileRecords.addAll( checkLdapServerUrls( pwmDomain, config, ldapProfiles.get( profileID ) ) );
             }
 
             if ( profileRecords.isEmpty() )
             {
                 profileRecords.add( HealthRecord.forMessage( HealthMessage.LDAP_OK ) );
-                profileRecords.addAll( doLdapTestUserCheck( config, ldapProfiles.get( profileID ), pwmApplication ) );
+                profileRecords.addAll( doLdapTestUserCheck( config, ldapProfiles.get( profileID ), pwmDomain ) );
             }
             returnRecords.addAll( profileRecords );
         }
 
-        for ( final Map.Entry<String, ErrorInformation> entry : pwmApplication.getLdapConnectionService().getLastLdapFailure().entrySet() )
+        for ( final Map.Entry<String, ErrorInformation> entry : pwmDomain.getLdapConnectionService().getLastLdapFailure().entrySet() )
         {
             final ErrorInformation errorInfo = entry.getValue();
-            final LdapProfile ldapProfile = pwmApplication.getConfig().getLdapProfiles().get( entry.getKey() );
+            final LdapProfile ldapProfile = pwmDomain.getConfig().getLdapProfiles().get( entry.getKey() );
             if ( errorInfo != null )
             {
                 final TimeDuration errorAge = TimeDuration.fromCurrent( errorInfo.getDate() );
 
-                final long cautionDurationMS = Long.parseLong( pwmApplication.getConfig().readAppProperty( AppProperty.HEALTH_LDAP_CAUTION_DURATION_MS ) );
+                final long cautionDurationMS = Long.parseLong( pwmDomain.getConfig().readAppProperty( AppProperty.HEALTH_LDAP_CAUTION_DURATION_MS ) );
                 if ( errorAge.isShorterThan( cautionDurationMS ) )
                 {
                     final String ageString = errorAge.asLongString();
@@ -142,13 +142,13 @@ public class LDAPHealthChecker implements HealthChecker
             final List<String> urls = config.getLdapProfiles().values().iterator().next().readSettingAsStringArray( PwmSetting.LDAP_SERVER_URLS );
             if ( urls != null && !urls.isEmpty() && !StringUtil.isEmpty( urls.iterator().next() ) )
             {
-                returnRecords.addAll( checkVendorSameness( pwmApplication ) );
+                returnRecords.addAll( checkVendorSameness( pwmDomain ) );
 
-                returnRecords.addAll( checkUserPermissionValues( pwmApplication ) );
+                returnRecords.addAll( checkUserPermissionValues( pwmDomain ) );
 
-                returnRecords.addAll( checkLdapDNSyntaxValues( pwmApplication ) );
+                returnRecords.addAll( checkLdapDNSyntaxValues( pwmDomain ) );
 
-                returnRecords.addAll( checkNewUserPasswordTemplateSetting( pwmApplication, config ) );
+                returnRecords.addAll( checkNewUserPasswordTemplateSetting( pwmDomain, config ) );
 
      //           returnRecords.addAll( checkUserSearching( pwmApplication ) );
             }
@@ -159,9 +159,9 @@ public class LDAPHealthChecker implements HealthChecker
 
     @SuppressWarnings( "checkstyle:MethodLength" )
     public List<HealthRecord> doLdapTestUserCheck(
-            final Configuration config,
+            final DomainConfig config,
             final LdapProfile ldapProfile,
-            final PwmApplication pwmApplication
+            final PwmDomain pwmDomain
     )
     {
         String testUserDN = ldapProfile.readSettingAsString( PwmSetting.LDAP_TEST_USER_DN );
@@ -177,8 +177,8 @@ public class LDAPHealthChecker implements HealthChecker
 
         try
         {
-            testUserDN = ldapProfile.readCanonicalDN( pwmApplication, testUserDN );
-            proxyUserDN = ldapProfile.readCanonicalDN( pwmApplication, proxyUserDN );
+            testUserDN = ldapProfile.readCanonicalDN( pwmDomain, testUserDN );
+            proxyUserDN = ldapProfile.readCanonicalDN( pwmDomain, proxyUserDN );
         }
         catch ( final PwmUnrecoverableException e )
         {
@@ -210,7 +210,7 @@ public class LDAPHealthChecker implements HealthChecker
             {
 
                 chaiProvider = LdapOperationsHelper.createChaiProvider(
-                        pwmApplication,
+                        pwmDomain,
                         SessionLabel.HEALTH_SESSION_LABEL,
                         ldapProfile,
                         config,
@@ -264,7 +264,7 @@ public class LDAPHealthChecker implements HealthChecker
             );
             try
             {
-                final boolean readPwdEnabled = pwmApplication.getConfig().readSettingAsBoolean( PwmSetting.EDIRECTORY_READ_USER_PWD )
+                final boolean readPwdEnabled = pwmDomain.getConfig().readSettingAsBoolean( PwmSetting.EDIRECTORY_READ_USER_PWD )
                         && theUser.getChaiProvider().getDirectoryVendor() == DirectoryVendor.EDIRECTORY;
 
                 if ( readPwdEnabled )
@@ -290,14 +290,14 @@ public class LDAPHealthChecker implements HealthChecker
                     final UserIdentity userIdentity = UserIdentity.createUserIdentity( testUserDN, ldapProfile.getIdentifier() );
 
                     final PwmPasswordPolicy passwordPolicy = PasswordUtility.readPasswordPolicyForUser(
-                            pwmApplication, null, userIdentity, theUser, locale );
+                            pwmDomain, null, userIdentity, theUser, locale );
 
                     boolean doPasswordChange = true;
                     final int minLifetimeSeconds = passwordPolicy.getRuleHelper().readIntValue( PwmPasswordRule.MinimumLifetime );
                     if ( minLifetimeSeconds > 0 )
                     {
                         final Instant pwdLastModified = PasswordUtility.determinePwdLastModified(
-                                pwmApplication,
+                                pwmDomain,
                                 SessionLabel.HEALTH_SESSION_LABEL,
                                 userIdentity
                         );
@@ -306,7 +306,7 @@ public class LDAPHealthChecker implements HealthChecker
                         final PasswordStatus passwordStatus;
                         {
                             final UserInfo userInfo = UserInfoFactory.newUserInfo(
-                                    pwmApplication,
+                                    pwmDomain,
                                     SessionLabel.HEALTH_SESSION_LABEL,
                                     locale,
                                     userIdentity,
@@ -332,7 +332,7 @@ public class LDAPHealthChecker implements HealthChecker
                     }
                     if ( doPasswordChange )
                     {
-                        final PasswordData newPassword = RandomPasswordGenerator.createRandomPassword( null, passwordPolicy, pwmApplication );
+                        final PasswordData newPassword = RandomPasswordGenerator.createRandomPassword( null, passwordPolicy, pwmDomain );
                         try
                         {
                             theUser.setPassword( newPassword.getStringValue() );
@@ -365,7 +365,7 @@ public class LDAPHealthChecker implements HealthChecker
             {
                 final UserIdentity userIdentity = UserIdentity.createUserIdentity( theUser.getEntryDN(), ldapProfile.getIdentifier() );
                 final UserInfo userInfo = UserInfoFactory.newUserInfo(
-                        pwmApplication,
+                        pwmDomain,
                         SessionLabel.HEALTH_SESSION_LABEL,
                         PwmConstants.DEFAULT_LOCALE,
                         userIdentity,
@@ -414,8 +414,8 @@ public class LDAPHealthChecker implements HealthChecker
 
 
     public List<HealthRecord> checkLdapServerUrls(
-            final PwmApplication pwmApplication,
-            final Configuration config,
+            final PwmDomain pwmDomain,
+            final DomainConfig config,
             final LdapProfile ldapProfile
     )
     {
@@ -428,7 +428,7 @@ public class LDAPHealthChecker implements HealthChecker
             try
             {
                 chaiProvider = LdapOperationsHelper.createChaiProvider(
-                        pwmApplication,
+                        pwmDomain,
                         SessionLabel.HEALTH_SESSION_LABEL,
                         config,
                         ldapProfile,
@@ -466,8 +466,8 @@ public class LDAPHealthChecker implements HealthChecker
     }
 
     public List<HealthRecord> checkBasicLdapConnectivity(
-            final PwmApplication pwmApplication,
-            final Configuration config,
+            final PwmDomain pwmDomain,
+            final DomainConfig config,
             final LdapProfile ldapProfile,
             final boolean testContextlessRoot
     )
@@ -498,7 +498,7 @@ public class LDAPHealthChecker implements HealthChecker
                             ldapProfile.getIdentifier(),
                             "Missing Proxy User Password: " + menuLocationStr ) );
                 }
-                chaiProvider = LdapOperationsHelper.createChaiProvider( pwmApplication, SessionLabel.HEALTH_SESSION_LABEL, ldapProfile, config, proxyDN, proxyPW );
+                chaiProvider = LdapOperationsHelper.createChaiProvider( pwmDomain, SessionLabel.HEALTH_SESSION_LABEL, ldapProfile, config, proxyDN, proxyPW );
                 final ChaiUser adminEntry = chaiProvider.getEntryFactory().newChaiUser( proxyDN );
                 adminEntry.exists();
                 directoryVendor = chaiProvider.getDirectoryVendor();
@@ -535,7 +535,7 @@ public class LDAPHealthChecker implements HealthChecker
                     if ( pwmError != null && pwmError != PwmError.ERROR_INTERNAL )
                     {
                         errorString.append( " - " );
-                        errorString.append( pwmError.getLocalizedMessage( PwmConstants.DEFAULT_LOCALE, pwmApplication.getConfig() ) );
+                        errorString.append( pwmError.getLocalizedMessage( PwmConstants.DEFAULT_LOCALE, pwmDomain.getConfig() ) );
                     }
                     errorString.append( ")" );
                 }
@@ -544,7 +544,7 @@ public class LDAPHealthChecker implements HealthChecker
                         ldapProfile.getIdentifier(),
                         errorString.toString() ) );
 
-                pwmApplication.getLdapConnectionService().setLastLdapFailure( ldapProfile,
+                pwmDomain.getLdapConnectionService().setLastLdapFailure( ldapProfile,
                         new ErrorInformation( PwmError.ERROR_DIRECTORY_UNAVAILABLE, errorString.toString() ) );
                 return returnRecords;
             }
@@ -552,14 +552,14 @@ public class LDAPHealthChecker implements HealthChecker
             {
                 final HealthRecord record = HealthRecord.forMessage( HealthMessage.LDAP_No_Connection, e.getMessage() );
                 returnRecords.add( record );
-                pwmApplication.getLdapConnectionService().setLastLdapFailure( ldapProfile,
-                        new ErrorInformation( PwmError.ERROR_DIRECTORY_UNAVAILABLE, record.getDetail( PwmConstants.DEFAULT_LOCALE, pwmApplication.getConfig() ) ) );
+                pwmDomain.getLdapConnectionService().setLastLdapFailure( ldapProfile,
+                        new ErrorInformation( PwmError.ERROR_DIRECTORY_UNAVAILABLE, record.getDetail( PwmConstants.DEFAULT_LOCALE, pwmDomain.getConfig() ) ) );
                 return returnRecords;
             }
 
             if ( directoryVendor != null && directoryVendor == DirectoryVendor.ACTIVE_DIRECTORY )
             {
-                returnRecords.addAll( checkAd( pwmApplication, config, ldapProfile ) );
+                returnRecords.addAll( checkAd( pwmDomain, config, ldapProfile ) );
             }
 
             if ( testContextlessRoot )
@@ -613,7 +613,7 @@ public class LDAPHealthChecker implements HealthChecker
         return returnRecords;
     }
 
-    private static List<HealthRecord> checkAd( final PwmApplication pwmApplication, final Configuration config, final LdapProfile ldapProfile )
+    private static List<HealthRecord> checkAd( final PwmDomain pwmDomain, final DomainConfig config, final LdapProfile ldapProfile )
     {
         final List<HealthRecord> returnList = new ArrayList<>();
         final List<String> serverURLs = ldapProfile.readSettingAsStringArray( PwmSetting.LDAP_SERVER_URLS );
@@ -650,7 +650,7 @@ public class LDAPHealthChecker implements HealthChecker
             }
         }
 
-        returnList.addAll( checkAdPasswordPolicyApi( pwmApplication ) );
+        returnList.addAll( checkAdPasswordPolicyApi( pwmDomain ) );
 
         return returnList;
     }
@@ -667,9 +667,9 @@ public class LDAPHealthChecker implements HealthChecker
         return false;
     }
 
-    private List<HealthRecord> checkVendorSameness( final PwmApplication pwmApplication )
+    private List<HealthRecord> checkVendorSameness( final PwmDomain pwmDomain )
     {
-        final Map<HealthMonitor.HealthMonitorFlag, Serializable> healthProperties = pwmApplication.getHealthMonitor().getHealthProperties();
+        final Map<HealthMonitor.HealthMonitorFlag, Serializable> healthProperties = pwmDomain.getHealthMonitor().getHealthProperties();
         if ( healthProperties.containsKey( HealthMonitor.HealthMonitorFlag.LdapVendorSameCheck ) )
         {
             return ( List<HealthRecord> ) healthProperties.get( HealthMonitor.HealthMonitorFlag.LdapVendorSameCheck );
@@ -681,16 +681,16 @@ public class LDAPHealthChecker implements HealthChecker
 
         try
         {
-            for ( final LdapProfile ldapProfile : pwmApplication.getConfig().getLdapProfiles().values() )
+            for ( final LdapProfile ldapProfile : pwmDomain.getConfig().getLdapProfiles().values() )
             {
                 final ChaiConfiguration profileChaiConfiguration = LdapOperationsHelper.createChaiConfiguration(
-                        pwmApplication.getConfig(),
+                        pwmDomain.getConfig(),
                         ldapProfile
                 );
                 final Collection<ChaiConfiguration> replicaConfigs = ChaiUtility.splitConfigurationPerReplica( profileChaiConfiguration, Collections.emptyMap() );
                 for ( final ChaiConfiguration chaiConfiguration : replicaConfigs )
                 {
-                    final ChaiProvider loopProvider = pwmApplication.getLdapConnectionService().getChaiProviderFactory().newProvider( chaiConfiguration );
+                    final ChaiProvider loopProvider = pwmDomain.getLdapConnectionService().getChaiProviderFactory().newProvider( chaiConfiguration );
                     replicaVendorMap.put( chaiConfiguration.getSetting( ChaiSetting.BIND_URLS ), loopProvider.getDirectoryVendor() );
                 }
             }
@@ -735,19 +735,19 @@ public class LDAPHealthChecker implements HealthChecker
         return healthRecords;
     }
 
-    private static List<HealthRecord> checkAdPasswordPolicyApi( final PwmApplication pwmApplication )
+    private static List<HealthRecord> checkAdPasswordPolicyApi( final PwmDomain pwmDomain )
     {
 
 
-        final boolean passwordPolicyApiEnabled = pwmApplication.getConfig().readSettingAsBoolean( PwmSetting.AD_ENFORCE_PW_HISTORY_ON_SET );
+        final boolean passwordPolicyApiEnabled = pwmDomain.getConfig().readSettingAsBoolean( PwmSetting.AD_ENFORCE_PW_HISTORY_ON_SET );
         if ( !passwordPolicyApiEnabled )
         {
             return Collections.emptyList();
         }
 
-        if ( pwmApplication.getHealthMonitor() != null )
+        if ( pwmDomain.getHealthMonitor() != null )
         {
-            final Map<HealthMonitor.HealthMonitorFlag, Serializable> healthProperties = pwmApplication.getHealthMonitor().getHealthProperties();
+            final Map<HealthMonitor.HealthMonitorFlag, Serializable> healthProperties = pwmDomain.getHealthMonitor().getHealthProperties();
             if ( healthProperties.containsKey( HealthMonitor.HealthMonitorFlag.AdPasswordPolicyApiCheck ) )
             {
                 final List<HealthRecord> healthRecords = ( List<HealthRecord> ) healthProperties.get( HealthMonitor.HealthMonitorFlag.AdPasswordPolicyApiCheck );
@@ -762,10 +762,10 @@ public class LDAPHealthChecker implements HealthChecker
 
         try
         {
-            for ( final LdapProfile ldapProfile : pwmApplication.getConfig().getLdapProfiles().values() )
+            for ( final LdapProfile ldapProfile : pwmDomain.getConfig().getLdapProfiles().values() )
             {
                 final ChaiConfiguration profileChaiConfiguration = LdapOperationsHelper.createChaiConfiguration(
-                        pwmApplication.getConfig(),
+                        pwmDomain.getConfig(),
                         ldapProfile
                 );
                 final Collection<ChaiConfiguration> replicaConfigs = ChaiUtility.splitConfigurationPerReplica(
@@ -775,7 +775,7 @@ public class LDAPHealthChecker implements HealthChecker
 
                 for ( final ChaiConfiguration chaiConfiguration : replicaConfigs )
                 {
-                    final ChaiProvider loopProvider = pwmApplication.getLdapConnectionService().getChaiProviderFactory().newProvider( chaiConfiguration );
+                    final ChaiProvider loopProvider = pwmDomain.getLdapConnectionService().getChaiProviderFactory().newProvider( chaiConfiguration );
                     final ChaiEntry rootDSE = ChaiUtility.getRootDSE( loopProvider );
                     final Set<String> controls = rootDSE.readMultiStringAttribute( "supportedControl" );
                     final boolean asnSupported = controls.contains( PwmConstants.LDAP_AD_PASSWORD_POLICY_CONTROL_ASN );
@@ -788,7 +788,7 @@ public class LDAPHealthChecker implements HealthChecker
                                 url
                         );
                         healthRecords.add( record );
-                        LOGGER.warn( () -> record.toDebugString( PwmConstants.DEFAULT_LOCALE, pwmApplication.getConfig() ) );
+                        LOGGER.warn( () -> record.toDebugString( PwmConstants.DEFAULT_LOCALE, pwmDomain.getConfig() ) );
                     }
                 }
             }
@@ -800,19 +800,19 @@ public class LDAPHealthChecker implements HealthChecker
                     () ->  "error during ad api password policy (asn " + PwmConstants.LDAP_AD_PASSWORD_POLICY_CONTROL_ASN + ") check: " + e.getMessage() );
         }
 
-        if ( !errorReachingServer && pwmApplication.getHealthMonitor() != null )
+        if ( !errorReachingServer && pwmDomain.getHealthMonitor() != null )
         {
-            final Map<HealthMonitor.HealthMonitorFlag, Serializable> healthProperties = pwmApplication.getHealthMonitor().getHealthProperties();
+            final Map<HealthMonitor.HealthMonitorFlag, Serializable> healthProperties = pwmDomain.getHealthMonitor().getHealthProperties();
             healthProperties.put( HealthMonitor.HealthMonitorFlag.AdPasswordPolicyApiCheck, healthRecords );
         }
 
         return healthRecords;
     }
 
-    private static List<HealthRecord> checkUserPermissionValues( final PwmApplication pwmApplication )
+    private static List<HealthRecord> checkUserPermissionValues( final PwmDomain pwmDomain )
     {
         final List<HealthRecord> returnList = new ArrayList<>();
-        final Configuration config = pwmApplication.getConfig();
+        final DomainConfig config = pwmDomain.getConfig();
         for ( final PwmSetting pwmSetting : PwmSetting.values() )
         {
             if ( !pwmSetting.isHidden() && pwmSetting.getSyntax() == PwmSettingSyntax.USER_PERMISSION )
@@ -824,7 +824,7 @@ public class LDAPHealthChecker implements HealthChecker
                     {
                         try
                         {
-                            returnList.addAll( checkUserPermission( pwmApplication, userPermission, pwmSetting ) );
+                            returnList.addAll( checkUserPermission( pwmDomain, userPermission, pwmSetting ) );
                         }
                         catch ( final PwmUnrecoverableException e )
                         {
@@ -837,10 +837,10 @@ public class LDAPHealthChecker implements HealthChecker
         return returnList;
     }
 
-    private static List<HealthRecord> checkLdapDNSyntaxValues( final PwmApplication pwmApplication )
+    private static List<HealthRecord> checkLdapDNSyntaxValues( final PwmDomain pwmDomain )
     {
         final List<HealthRecord> returnList = new ArrayList<>();
-        final Configuration config = pwmApplication.getConfig();
+        final DomainConfig config = pwmDomain.getConfig();
 
         try
         {
@@ -858,7 +858,7 @@ public class LDAPHealthChecker implements HealthChecker
                             final String value = config.getLdapProfiles().get( profile ).readSettingAsString( pwmSetting );
                             if ( value != null && !value.isEmpty() )
                             {
-                                final Optional<String> errorMsg = validateDN( pwmApplication, value, profile );
+                                final Optional<String> errorMsg = validateDN( pwmDomain, value, profile );
                                 errorMsg.ifPresent( s -> returnList.add( HealthRecord.forMessage(
                                         HealthMessage.Config_DNValueValidity,
                                         pwmSetting.toMenuLocationDebug( profile, PwmConstants.DEFAULT_LOCALE ), s )
@@ -872,7 +872,7 @@ public class LDAPHealthChecker implements HealthChecker
                             {
                                 for ( final String value : values )
                                 {
-                                    final Optional<String> errorMsg = validateDN( pwmApplication, value, profile );
+                                    final Optional<String> errorMsg = validateDN( pwmDomain, value, profile );
                                     errorMsg.ifPresent( s -> returnList.add( HealthRecord.forMessage(
                                             HealthMessage.Config_DNValueValidity,
                                             pwmSetting.toMenuLocationDebug( profile, PwmConstants.DEFAULT_LOCALE ), s )
@@ -893,17 +893,17 @@ public class LDAPHealthChecker implements HealthChecker
     }
 
     private static List<HealthRecord> checkNewUserPasswordTemplateSetting(
-            final PwmApplication pwmApplication,
-            final Configuration configuration
+            final PwmDomain pwmDomain,
+            final DomainConfig domainConfig
     )
     {
         final Locale locale = PwmConstants.DEFAULT_LOCALE;
-        if ( !configuration.readSettingAsBoolean( PwmSetting.NEWUSER_ENABLE ) )
+        if ( !domainConfig.readSettingAsBoolean( PwmSetting.NEWUSER_ENABLE ) )
         {
             return Collections.emptyList();
         }
 
-        for ( final NewUserProfile newUserProfile : configuration.getNewUserProfiles().values() )
+        for ( final NewUserProfile newUserProfile : domainConfig.getNewUserProfiles().values() )
         {
             final String policyUserStr = newUserProfile.readSettingAsString( PwmSetting.NEWUSER_PASSWORD_POLICY_USER );
 
@@ -923,7 +923,7 @@ public class LDAPHealthChecker implements HealthChecker
                 final LdapProfile ldapProfile = newUserProfile.getLdapProfile();
                 if ( NewUserProfile.TEST_USER_CONFIG_VALUE.equals( policyUserStr ) )
                 {
-                    final UserIdentity testUser = ldapProfile.getTestUser( pwmApplication );
+                    final UserIdentity testUser = ldapProfile.getTestUser( pwmDomain );
                     if ( testUser != null )
                     {
                         return Collections.emptyList();
@@ -932,7 +932,7 @@ public class LDAPHealthChecker implements HealthChecker
 
                 final UserIdentity newUserTemplateIdentity = UserIdentity.createUserIdentity( policyUserStr, ldapProfile.getIdentifier() );
 
-                final ChaiUser chaiUser = pwmApplication.getProxiedChaiUser( newUserTemplateIdentity );
+                final ChaiUser chaiUser = pwmDomain.getProxiedChaiUser( newUserTemplateIdentity );
 
                 try
                 {
@@ -962,11 +962,11 @@ public class LDAPHealthChecker implements HealthChecker
     }
 
     private static List<HealthRecord> checkUserSearching(
-            final PwmApplication pwmApplication
+            final PwmDomain pwmDomain
     )
     {
         final TimeDuration warnDuration = TimeDuration.of(
-                JavaHelper.silentParseLong( pwmApplication.getConfig().readAppProperty( AppProperty.HEALTH_LDAP_USER_SEARCH_WARN_MS ), 10_1000 ),
+                JavaHelper.silentParseLong( pwmDomain.getConfig().readAppProperty( AppProperty.HEALTH_LDAP_USER_SEARCH_WARN_MS ), 10_1000 ),
                 TimeDuration.Unit.MILLISECONDS );
 
         final Instant startTime = Instant.now();
@@ -974,7 +974,7 @@ public class LDAPHealthChecker implements HealthChecker
 
         try
         {
-            final String healthUsername = MacroRequest.forStatic().expandMacros( pwmApplication.getConfig().readAppProperty( AppProperty.HEALTH_LDAP_USER_SEARCH_TERM ) );
+            final String healthUsername = MacroRequest.forStatic().expandMacros( pwmDomain.getConfig().readAppProperty( AppProperty.HEALTH_LDAP_USER_SEARCH_TERM ) );
 
             final SearchConfiguration searchConfiguration = SearchConfiguration.builder()
                     .enableValueEscaping( false )
@@ -982,7 +982,7 @@ public class LDAPHealthChecker implements HealthChecker
                     .username( healthUsername )
                     .build();
 
-            pwmApplication.getUserSearchEngine().performMultiUserSearch( searchConfiguration, 1, Collections.singletonList( "cn" ), SessionLabel.HEALTH_SESSION_LABEL );
+            pwmDomain.getUserSearchEngine().performMultiUserSearch( searchConfiguration, 1, Collections.singletonList( "cn" ), SessionLabel.HEALTH_SESSION_LABEL );
         }
         catch ( final Exception e )
         {
@@ -1006,7 +1006,7 @@ public class LDAPHealthChecker implements HealthChecker
     }
 
     private static List<HealthRecord> checkUserPermission(
-            final PwmApplication pwmApplication,
+            final PwmDomain pwmDomain,
             final UserPermission userPermission,
             final PwmSetting pwmSetting
     )
@@ -1014,7 +1014,7 @@ public class LDAPHealthChecker implements HealthChecker
     {
         final String settingDebugName = pwmSetting.toMenuLocationDebug( null, PwmConstants.DEFAULT_LOCALE );
         final List<HealthRecord> returnList = new ArrayList<>();
-        final Configuration config = pwmApplication.getConfig();
+        final DomainConfig config = pwmDomain.getConfig();
         final List<String> ldapProfilesToCheck = new ArrayList<>();
         {
             final String configuredLdapProfileID = userPermission.getLdapProfileID();
@@ -1051,7 +1051,7 @@ public class LDAPHealthChecker implements HealthChecker
                     final String userDN = userPermission.getLdapBase();
                     if ( userDN != null && !isExampleDN( userDN ) )
                     {
-                        final Optional<String> errorMsg = validateDN( pwmApplication, userDN, ldapProfileID );
+                        final Optional<String> errorMsg = validateDN( pwmDomain, userDN, ldapProfileID );
                         errorMsg.ifPresent( s -> returnList.add( HealthRecord.forMessage(
                                 HealthMessage.Config_UserPermissionValidity,
                                 settingDebugName, "userDN: " + s ) ) );
@@ -1064,7 +1064,7 @@ public class LDAPHealthChecker implements HealthChecker
                     final String groupDN = userPermission.getLdapBase();
                     if ( groupDN != null && !isExampleDN( groupDN ) )
                     {
-                        final Optional<String> errorMsg = validateDN( pwmApplication, groupDN, ldapProfileID );
+                        final Optional<String> errorMsg = validateDN( pwmDomain, groupDN, ldapProfileID );
                         errorMsg.ifPresent( s -> returnList.add( HealthRecord.forMessage(
                                 HealthMessage.Config_UserPermissionValidity,
                                 settingDebugName, "groupDN: " + s ) ) );
@@ -1077,7 +1077,7 @@ public class LDAPHealthChecker implements HealthChecker
                     final String baseDN = userPermission.getLdapBase();
                     if ( baseDN != null && !isExampleDN( baseDN ) )
                     {
-                        final Optional<String> errorMsg = validateDN( pwmApplication, baseDN, ldapProfileID );
+                        final Optional<String> errorMsg = validateDN( pwmDomain, baseDN, ldapProfileID );
                         errorMsg.ifPresent( s -> returnList.add( HealthRecord.forMessage(
                                 HealthMessage.Config_UserPermissionValidity,
                                 settingDebugName, "baseDN: " + s ) ) );
@@ -1093,7 +1093,7 @@ public class LDAPHealthChecker implements HealthChecker
     }
 
     private static Optional<String> validateDN(
-            final PwmApplication pwmApplication,
+            final PwmDomain pwmDomain,
             final String dnValue,
             final String ldapProfileID
     )
@@ -1104,7 +1104,7 @@ public class LDAPHealthChecker implements HealthChecker
             return Optional.empty();
         }
 
-        final ChaiProvider chaiProvider = pwmApplication.getProxyChaiProvider( ldapProfileID );
+        final ChaiProvider chaiProvider = pwmDomain.getProxyChaiProvider( ldapProfileID );
         try
         {
             if ( !isExampleDN( dnValue ) )
@@ -1159,8 +1159,8 @@ public class LDAPHealthChecker implements HealthChecker
     }
 
     public static HealthData healthForNewConfiguration(
-            final PwmApplication pwmApplication,
-            final Configuration config,
+            final PwmDomain pwmDomain,
+            final DomainConfig config,
             final Locale locale,
             final String profileID,
             final boolean testContextless,
@@ -1169,7 +1169,7 @@ public class LDAPHealthChecker implements HealthChecker
     )
             throws PwmUnrecoverableException
     {
-        final PwmApplication tempApplication = PwmApplication.createPwmApplication( pwmApplication.getPwmEnvironment().makeRuntimeInstance( config ) );
+        final PwmDomain tempApplication = PwmDomain.createPwmApplication( pwmDomain.getPwmEnvironment().makeRuntimeInstance( config ) );
         final LDAPHealthChecker ldapHealthChecker = new LDAPHealthChecker();
         final List<HealthRecord> profileRecords = new ArrayList<>();
 
@@ -1178,7 +1178,7 @@ public class LDAPHealthChecker implements HealthChecker
                 testContextless ) );
         if ( fullTest )
         {
-            profileRecords.addAll( ldapHealthChecker.checkLdapServerUrls( pwmApplication, config, ldapProfile ) );
+            profileRecords.addAll( ldapHealthChecker.checkLdapServerUrls( pwmDomain, config, ldapProfile ) );
         }
 
         if ( profileRecords.isEmpty() )

server/src/main/java/password/pwm/health/LocalDBHealthChecker.java

@@ -21,8 +21,8 @@
 package password.pwm.health;
 
 import password.pwm.AppProperty;
-import password.pwm.PwmApplication;
-import password.pwm.config.Configuration;
+import password.pwm.PwmDomain;
+import password.pwm.config.DomainConfig;
 import password.pwm.util.java.FileSystemUtility;
 import password.pwm.util.java.JavaHelper;
 import password.pwm.util.java.StringUtil;
@@ -35,20 +35,20 @@ import java.util.List;
 public class LocalDBHealthChecker implements HealthChecker
 {
     @Override
-    public List<HealthRecord> doHealthCheck( final PwmApplication pwmApplication )
+    public List<HealthRecord> doHealthCheck( final PwmDomain pwmDomain )
     {
-        if ( pwmApplication == null )
+        if ( pwmDomain == null )
         {
             return null;
         }
 
         final List<HealthRecord> healthRecords = new ArrayList<>();
 
-        final LocalDB localDB = pwmApplication.getLocalDB();
+        final LocalDB localDB = pwmDomain.getLocalDB();
 
         if ( localDB == null )
         {
-            final String detailedError = pwmApplication.getLastLocalDBFailure() == null ? "unknown, check logs" : pwmApplication.getLastLocalDBFailure().toDebugStr();
+            final String detailedError = pwmDomain.getLastLocalDBFailure() == null ? "unknown, check logs" : pwmDomain.getLastLocalDBFailure().toDebugStr();
             healthRecords.add( HealthRecord.forMessage( HealthMessage.LocalDB_BAD, detailedError ) );
             return healthRecords;
         }
@@ -65,7 +65,7 @@ public class LocalDBHealthChecker implements HealthChecker
             return healthRecords;
         }
 
-        healthRecords.addAll( checkSpaceRemaining( pwmApplication ) );
+        healthRecords.addAll( checkSpaceRemaining( pwmDomain ) );
 
         if ( healthRecords.isEmpty() )
         {
@@ -75,11 +75,11 @@ public class LocalDBHealthChecker implements HealthChecker
         return healthRecords;
     }
 
-    private List<HealthRecord> checkSpaceRemaining( final PwmApplication pwmApplication )
+    private List<HealthRecord> checkSpaceRemaining( final PwmDomain pwmDomain )
     {
-        final Configuration configuration = pwmApplication.getConfig();
-        final long minFreeSpace = JavaHelper.silentParseLong( configuration.readAppProperty( AppProperty.HEALTH_DISK_MIN_FREE_WARNING ), 500_000_000 );
-        final long freeSpace = FileSystemUtility.diskSpaceRemaining( pwmApplication.getLocalDB().getFileLocation() );
+        final DomainConfig domainConfig = pwmDomain.getConfig();
+        final long minFreeSpace = JavaHelper.silentParseLong( domainConfig.readAppProperty( AppProperty.HEALTH_DISK_MIN_FREE_WARNING ), 500_000_000 );
+        final long freeSpace = FileSystemUtility.diskSpaceRemaining( pwmDomain.getLocalDB().getFileLocation() );
 
         if ( freeSpace < minFreeSpace )
         {

server/src/main/java/password/pwm/http/ContextManager.java

@@ -21,12 +21,12 @@
 package password.pwm.http;
 
 import password.pwm.AppProperty;
-import password.pwm.PwmApplication;
+import password.pwm.PwmDomain;
 import password.pwm.PwmApplicationMode;
 import password.pwm.PwmConstants;
 import password.pwm.PwmEnvironment;
 import password.pwm.bean.SessionLabel;
-import password.pwm.config.Configuration;
+import password.pwm.config.DomainConfig;
 import password.pwm.config.PwmSetting;
 import password.pwm.config.profile.LdapProfile;
 import password.pwm.config.stored.ConfigurationProperty;
@@ -87,7 +87,7 @@ public class ContextManager implements Serializable
 
     private transient ScheduledExecutorService taskMaster;
 
-    private transient volatile PwmApplication pwmApplication;
+    private transient volatile PwmDomain pwmDomain;
     private transient ConfigurationReader configReader;
     private ErrorInformation startupErrorInformation;
 
@@ -105,25 +105,25 @@ public class ContextManager implements Serializable
         this.contextPath = servletContext.getContextPath();
     }
 
-    public static PwmApplication getPwmApplication( final ServletRequest request ) throws PwmUnrecoverableException
+    public static PwmDomain getPwmApplication( final ServletRequest request ) throws PwmUnrecoverableException
     {
-        final PwmApplication appInRequest = ( PwmApplication ) request.getAttribute( PwmConstants.REQUEST_ATTR_PWM_APPLICATION );
+        final PwmDomain appInRequest = ( PwmDomain ) request.getAttribute( PwmConstants.REQUEST_ATTR_PWM_APPLICATION );
         if ( appInRequest != null )
         {
             return appInRequest;
         }
 
-        final PwmApplication pwmApplication = getPwmApplication( request.getServletContext() );
-        request.setAttribute( PwmConstants.REQUEST_ATTR_PWM_APPLICATION, pwmApplication );
-        return pwmApplication;
+        final PwmDomain pwmDomain = getPwmApplication( request.getServletContext() );
+        request.setAttribute( PwmConstants.REQUEST_ATTR_PWM_APPLICATION, pwmDomain );
+        return pwmDomain;
     }
 
-    public static PwmApplication getPwmApplication( final HttpSession session ) throws PwmUnrecoverableException
+    public static PwmDomain getPwmApplication( final HttpSession session ) throws PwmUnrecoverableException
     {
         return getContextManager( session.getServletContext() ).getPwmApplication();
     }
 
-    public static PwmApplication getPwmApplication( final ServletContext theContext ) throws PwmUnrecoverableException
+    public static PwmDomain getPwmApplication( final ServletContext theContext ) throws PwmUnrecoverableException
     {
         return getContextManager( theContext ).getPwmApplication();
     }
@@ -152,19 +152,19 @@ public class ContextManager implements Serializable
         return ( ContextManager ) theManager;
     }
 
-    public PwmApplication getPwmApplication( )
+    public PwmDomain getPwmApplication( )
             throws PwmUnrecoverableException
     {
         final Instant startTime = Instant.now();
-        PwmApplication localApplication = pwmApplication;
+        PwmDomain localApplication = pwmDomain;
 
         while (
-                ( restartInProgressFlag.get() || pwmApplication == null )
+                ( restartInProgressFlag.get() || pwmDomain == null )
                         &&  TimeDuration.fromCurrent( startTime ).isShorterThan( readApplicationLockMaxWait )
         )
         {
             TimeDuration.SECOND.pause();
-            localApplication = pwmApplication;
+            localApplication = pwmDomain;
         }
 
         if ( localApplication != null )
@@ -208,7 +208,7 @@ public class ContextManager implements Serializable
             outputError( "unable to set default locale as Java machine default locale: " + e.getMessage() );
         }
 
-        Configuration configuration = null;
+        DomainConfig domainConfig = null;
         PwmApplicationMode mode = PwmApplicationMode.ERROR;
 
         final ParameterReader parameterReader = new ParameterReader( servletContext );
@@ -231,7 +231,7 @@ public class ContextManager implements Serializable
             configurationFile = locateConfigurationFile( applicationPath, PwmConstants.DEFAULT_CONFIG_FILE_FILENAME );
 
             configReader = new ConfigurationReader( configurationFile );
-            configuration = configReader.getConfiguration();
+            domainConfig = configReader.getConfiguration();
 
             mode = startupErrorInformation == null ? configReader.getConfigMode() : PwmApplicationMode.ERROR;
 
@@ -263,7 +263,7 @@ public class ContextManager implements Serializable
         try
         {
             final PwmEnvironment pwmEnvironment = PwmEnvironment.builder()
-                    .config( configuration )
+                    .config( domainConfig )
                     .applicationPath( applicationPath )
                     .applicationMode( mode )
                     .configurationFile( configurationFile )
@@ -272,13 +272,13 @@ public class ContextManager implements Serializable
                     .parameters( applicationParams )
                     .build();
 
-            if ( pwmApplication == null )
+            if ( pwmDomain == null )
             {
-                pwmApplication = PwmApplication.createPwmApplication( pwmEnvironment );
+                pwmDomain = PwmDomain.createPwmApplication( pwmEnvironment );
             }
             else
             {
-                pwmApplication.reInit( pwmEnvironment );
+                pwmDomain.reInit( pwmEnvironment );
             }
         }
         catch ( final Exception e )
@@ -288,20 +288,20 @@ public class ContextManager implements Serializable
 
         taskMaster = Executors.newSingleThreadScheduledExecutor(
                 PwmScheduler.makePwmThreadFactory(
-                        PwmScheduler.makeThreadName( pwmApplication, this.getClass() ) + "-",
+                        PwmScheduler.makeThreadName( pwmDomain, this.getClass() ) + "-",
                         true
                 ) );
 
         boolean reloadOnChange = true;
         long fileScanFrequencyMs = 5000;
         {
-            if ( pwmApplication != null )
+            if ( pwmDomain != null )
             {
-                reloadOnChange = Boolean.parseBoolean( pwmApplication.getConfig().readAppProperty( AppProperty.CONFIG_RELOAD_ON_CHANGE ) );
-                fileScanFrequencyMs = Long.parseLong( pwmApplication.getConfig().readAppProperty( AppProperty.CONFIG_FILE_SCAN_FREQUENCY ) );
+                reloadOnChange = Boolean.parseBoolean( pwmDomain.getConfig().readAppProperty( AppProperty.CONFIG_RELOAD_ON_CHANGE ) );
+                fileScanFrequencyMs = Long.parseLong( pwmDomain.getConfig().readAppProperty( AppProperty.CONFIG_FILE_SCAN_FREQUENCY ) );
 
                 this.readApplicationLockMaxWait = TimeDuration.of(
-                        Long.parseLong( pwmApplication.getConfig().readAppProperty( AppProperty.APPLICATION_READ_APP_LOCK_MAX_WAIT_MS ) ),
+                        Long.parseLong( pwmDomain.getConfig().readAppProperty( AppProperty.APPLICATION_READ_APP_LOCK_MAX_WAIT_MS ) ),
                         TimeDuration.Unit.MILLISECONDS
                 );
             }
@@ -313,7 +313,7 @@ public class ContextManager implements Serializable
             checkConfigForAutoImportLdapCerts( configReader );
         }
 
-        if ( pwmApplication == null || pwmApplication.getApplicationMode() == PwmApplicationMode.NEW )
+        if ( pwmDomain == null || pwmDomain.getApplicationMode() == PwmApplicationMode.NEW )
         {
             taskMaster.scheduleWithFixedDelay( new SilentPropertiesFileWatcher(), fileScanFrequencyMs, fileScanFrequencyMs, TimeUnit.MILLISECONDS );
         }
@@ -378,11 +378,11 @@ public class ContextManager implements Serializable
     {
         startupErrorInformation = new ErrorInformation( PwmError.ERROR_APP_UNAVAILABLE, "shutting down" );
 
-        if ( pwmApplication != null )
+        if ( pwmDomain != null )
         {
             try
             {
-                pwmApplication.shutdown();
+                pwmDomain.shutdown();
             }
             catch ( final Exception e )
             {
@@ -392,7 +392,7 @@ public class ContextManager implements Serializable
         taskMaster.shutdown();
 
 
-        this.pwmApplication = null;
+        this.pwmDomain = null;
         startupErrorInformation = null;
     }
 
@@ -435,7 +435,7 @@ public class ContextManager implements Serializable
         @Override
         public void run()
         {
-            if ( pwmApplication == null || pwmApplication.getApplicationMode() == PwmApplicationMode.NEW )
+            if ( pwmDomain == null || pwmDomain.getApplicationMode() == PwmApplicationMode.NEW )
             {
                 if ( silentPropertiesFile.exists() )
                 {
@@ -451,7 +451,7 @@ public class ContextManager implements Serializable
                             storedConfiguration = importer.readConfiguration( fileInputStream );
                         }
 
-                        configReader.saveConfiguration( storedConfiguration, pwmApplication, SESSION_LABEL );
+                        configReader.saveConfiguration( storedConfiguration, pwmDomain, SESSION_LABEL );
                         LOGGER.info( SESSION_LABEL, () -> "file " + silentPropertiesFile.getAbsolutePath() + " has been successfully imported and saved as configuration file" );
                         requestPwmApplicationRestart();
                         success = true;
@@ -508,7 +508,7 @@ public class ContextManager implements Serializable
             try
             {
                 restartInProgressFlag.set( true );
-                waitForRequestsToComplete( pwmApplication );
+                waitForRequestsToComplete( pwmDomain );
 
                 {
                     final TimeDuration timeDuration = TimeDuration.fromCurrent( startTime );
@@ -536,13 +536,13 @@ public class ContextManager implements Serializable
             }
         }
 
-        private void waitForRequestsToComplete( final PwmApplication pwmApplication )
+        private void waitForRequestsToComplete( final PwmDomain pwmDomain )
         {
             final Instant startTime = Instant.now();
             final TimeDuration maxRequestWaitTime = TimeDuration.of(
-                    Integer.parseInt( pwmApplication.getConfig().readAppProperty( AppProperty.APPLICATION_RESTART_MAX_REQUEST_WAIT_MS ) ),
+                    Integer.parseInt( pwmDomain.getConfig().readAppProperty( AppProperty.APPLICATION_RESTART_MAX_REQUEST_WAIT_MS ) ),
                     TimeDuration.Unit.MILLISECONDS );
-            final int startingRequestInProgress = pwmApplication.getActiveServletRequests().get();
+            final int startingRequestInProgress = pwmDomain.getActiveServletRequests().get();
 
             if ( startingRequestInProgress == 0 )
             {
@@ -551,10 +551,10 @@ public class ContextManager implements Serializable
 
             LOGGER.trace( SESSION_LABEL, () -> "waiting up to " + maxRequestWaitTime.asCompactString()
                     + " for " + startingRequestInProgress  + " requests to complete." );
-            maxRequestWaitTime.pause( TimeDuration.of( 10, TimeDuration.Unit.MILLISECONDS ), () -> pwmApplication.getActiveServletRequests().get() == 0
+            maxRequestWaitTime.pause( TimeDuration.of( 10, TimeDuration.Unit.MILLISECONDS ), () -> pwmDomain.getActiveServletRequests().get() == 0
             );
 
-            final int requestsInProgress = pwmApplication.getActiveServletRequests().get();
+            final int requestsInProgress = pwmDomain.getActiveServletRequests().get();
             final TimeDuration waitTime = TimeDuration.fromCurrent( startTime  );
             LOGGER.trace( SESSION_LABEL, () -> "after " + waitTime.asCompactString() + ", " + requestsInProgress
                     + " requests in progress, proceeding with restart" );
@@ -724,16 +724,16 @@ public class ContextManager implements Serializable
         {
             LOGGER.trace( SESSION_LABEL, () -> "beginning auto-import ldap cert due to config property '"
                     + ConfigurationProperty.IMPORT_LDAP_CERTIFICATES.getKey() + "'" );
-            final Configuration configuration = new Configuration( configReader.getStoredConfiguration() );
+            final DomainConfig domainConfig = new DomainConfig( configReader.getStoredConfiguration() );
             final StoredConfigurationModifier modifiedConfig = StoredConfigurationModifier.newModifier( configReader.getStoredConfiguration() );
 
             int importedCerts = 0;
-            for ( final LdapProfile ldapProfile : configuration.getLdapProfiles().values() )
+            for ( final LdapProfile ldapProfile : domainConfig.getLdapProfiles().values() )
             {
                 final List<String> ldapUrls = ldapProfile.getLdapUrls();
                 if ( !JavaHelper.isEmpty( ldapUrls ) )
                 {
-                    final Set<X509Certificate> certs = X509Utils.readCertsForListOfLdapUrls( ldapUrls, configuration );
+                    final Set<X509Certificate> certs = X509Utils.readCertsForListOfLdapUrls( ldapUrls, domainConfig );
                     if ( !JavaHelper.isEmpty( certs ) )
                     {
                         importedCerts += certs.size();
@@ -756,7 +756,7 @@ public class ContextManager implements Serializable
                         + ConfigurationProperty.IMPORT_LDAP_CERTIFICATES.getKey() + "'"
                         + ", imported " + totalImportedCerts + " certificates" );
                 modifiedConfig.writeConfigProperty( ConfigurationProperty.IMPORT_LDAP_CERTIFICATES, "false" );
-                configReader.saveConfiguration( modifiedConfig.newStoredConfiguration(), pwmApplication, SESSION_LABEL );
+                configReader.saveConfiguration( modifiedConfig.newStoredConfiguration(), pwmDomain, SESSION_LABEL );
                 requestPwmApplicationRestart();
             }
             else

server/src/main/java/password/pwm/http/HttpEventManager.java

@@ -21,7 +21,7 @@
 package password.pwm.http;
 
 import com.novell.ldapchai.util.StringHelper;
-import password.pwm.PwmApplication;
+import password.pwm.PwmDomain;
 import password.pwm.PwmConstants;
 import password.pwm.bean.LocalSessionStateBean;
 import password.pwm.error.PwmUnrecoverableException;
@@ -64,12 +64,12 @@ public class HttpEventManager implements
         try
         {
             final ContextManager contextManager = ContextManager.getContextManager( httpSession );
-            final PwmApplication pwmApplication = contextManager.getPwmApplication();
-            httpSession.setAttribute( PwmConstants.SESSION_ATTR_PWM_APP_NONCE, pwmApplication.getRuntimeNonce() );
+            final PwmDomain pwmDomain = contextManager.getPwmApplication();
+            httpSession.setAttribute( PwmConstants.SESSION_ATTR_PWM_APP_NONCE, pwmDomain.getRuntimeNonce() );
 
-            if ( pwmApplication.getStatisticsManager() != null )
+            if ( pwmDomain.getStatisticsManager() != null )
             {
-                pwmApplication.getStatisticsManager().updateEps( EpsStatistic.SESSIONS, 1 );
+                pwmDomain.getStatisticsManager().updateEps( EpsStatistic.SESSIONS, 1 );
             }
 
             LOGGER.trace( () -> "new http session created" );
@@ -96,10 +96,10 @@ public class HttpEventManager implements
                     pwmSession.unauthenticateUser( null );
                 }
 
-                final PwmApplication pwmApplication = ContextManager.getPwmApplication( httpSession.getServletContext() );
-                if ( pwmApplication != null )
+                final PwmDomain pwmDomain = ContextManager.getPwmApplication( httpSession.getServletContext() );
+                if ( pwmDomain != null )
                 {
-                    pwmApplication.getSessionTrackService().removeSessionData( pwmSession );
+                    pwmDomain.getSessionTrackService().removeSessionData( pwmSession );
                 }
                 final String outputMsg = debugMsg;
                 LOGGER.trace( pwmSession.getLabel(), () -> outputMsg );
@@ -183,10 +183,10 @@ public class HttpEventManager implements
             final HttpSession httpSession = event.getSession();
             final PwmSession pwmSession = PwmSessionWrapper.readPwmSession( httpSession );
             LOGGER.trace( pwmSession.getLabel(), () -> "activating (de-passivating) session" );
-            final PwmApplication pwmApplication = ContextManager.getPwmApplication( httpSession.getServletContext() );
-            if ( pwmApplication != null )
+            final PwmDomain pwmDomain = ContextManager.getPwmApplication( httpSession.getServletContext() );
+            if ( pwmDomain != null )
             {
-                pwmApplication.getSessionTrackService().addSessionData( pwmSession );
+                pwmDomain.getSessionTrackService().addSessionData( pwmSession );
             }
         }
         catch ( final PwmUnrecoverableException e )

server/src/main/java/password/pwm/http/IdleTimeoutCalculator.java

@@ -25,10 +25,10 @@ import lombok.EqualsAndHashCode;
 import lombok.Getter;
 import password.pwm.AppProperty;
 import password.pwm.Permission;
-import password.pwm.PwmApplication;
+import password.pwm.PwmDomain;
 import password.pwm.PwmApplicationMode;
 import password.pwm.PwmConstants;
-import password.pwm.config.Configuration;
+import password.pwm.config.DomainConfig;
 import password.pwm.config.PwmSetting;
 import password.pwm.config.profile.HelpdeskProfile;
 import password.pwm.config.profile.PeopleSearchProfile;
@@ -50,13 +50,13 @@ public class IdleTimeoutCalculator
 {
     private static final PwmLogger LOGGER = PwmLogger.forClass( IdleTimeoutCalculator.class );
 
-    public static MaxIdleTimeoutResult figureMaxSessionTimeout( final PwmApplication pwmApplication, final PwmSession pwmSession )
+    public static MaxIdleTimeoutResult figureMaxSessionTimeout( final PwmDomain pwmDomain, final PwmSession pwmSession )
             throws PwmUnrecoverableException
     {
-        final Configuration configuration = pwmApplication.getConfig();
+        final DomainConfig domainConfig = pwmDomain.getConfig();
         final SortedSet<MaxIdleTimeoutResult> results = new TreeSet<>();
         {
-            final long idleSetting = configuration.readSettingAsLong( PwmSetting.IDLE_TIMEOUT_SECONDS );
+            final long idleSetting = domainConfig.readSettingAsLong( PwmSetting.IDLE_TIMEOUT_SECONDS );
             results.add( new MaxIdleTimeoutResult(
                     MaxIdleTimeoutResult.reasonFor( PwmSetting.IDLE_TIMEOUT_SECONDS, null ),
                     TimeDuration.of( idleSetting, TimeDuration.Unit.SECONDS ) ) );
@@ -64,17 +64,17 @@ public class IdleTimeoutCalculator
 
         if ( !pwmSession.isAuthenticated() )
         {
-            if ( pwmApplication.getApplicationMode() == PwmApplicationMode.NEW )
+            if ( pwmDomain.getApplicationMode() == PwmApplicationMode.NEW )
             {
-                final long configGuideIdleTimeout = Long.parseLong( configuration.readAppProperty( AppProperty.CONFIG_GUIDE_IDLE_TIMEOUT ) );
+                final long configGuideIdleTimeout = Long.parseLong( domainConfig.readAppProperty( AppProperty.CONFIG_GUIDE_IDLE_TIMEOUT ) );
                 results.add( new MaxIdleTimeoutResult(
                         "Configuration Guide Idle Timeout",
                         TimeDuration.of( configGuideIdleTimeout, TimeDuration.Unit.SECONDS ) ) );
             }
 
-            if ( configuration.readSettingAsBoolean( PwmSetting.PEOPLE_SEARCH_ENABLE_PUBLIC ) )
+            if ( domainConfig.readSettingAsBoolean( PwmSetting.PEOPLE_SEARCH_ENABLE_PUBLIC ) )
             {
-                final Optional<PeopleSearchProfile> optionalPeopleSearchProfile = configuration.getPublicPeopleSearchProfile();
+                final Optional<PeopleSearchProfile> optionalPeopleSearchProfile = domainConfig.getPublicPeopleSearchProfile();
                 if ( optionalPeopleSearchProfile.isPresent() )
                 {
                     final PeopleSearchProfile publicProfile = optionalPeopleSearchProfile.get();
@@ -93,8 +93,8 @@ public class IdleTimeoutCalculator
         {
             final UserInfo userInfo = pwmSession.getUserInfo();
             final boolean userIsAdmin = pwmSession.isAuthenticated()
-                    && pwmSession.getSessionManager().checkPermission( pwmApplication, Permission.PWMADMIN );
-            final Set<MaxIdleTimeoutResult> loggedInResults = figureMaxAuthUserTimeout( configuration, userInfo, userIsAdmin );
+                    && pwmSession.getSessionManager().checkPermission( pwmDomain, Permission.PWMADMIN );
+            final Set<MaxIdleTimeoutResult> loggedInResults = figureMaxAuthUserTimeout( domainConfig, userInfo, userIsAdmin );
             results.addAll( loggedInResults );
         }
 
@@ -102,7 +102,7 @@ public class IdleTimeoutCalculator
     }
 
     private static Set<MaxIdleTimeoutResult> figureMaxAuthUserTimeout(
-            final Configuration configuration,
+            final DomainConfig domainConfig,
             final UserInfo userInfo,
             final boolean userIsAdmin
     )
@@ -110,18 +110,18 @@ public class IdleTimeoutCalculator
     {
         final Set<MaxIdleTimeoutResult> results = new TreeSet<>();
         {
-            final long idleSecondsSetting = configuration.readSettingAsLong( PwmSetting.IDLE_TIMEOUT_SECONDS );
+            final long idleSecondsSetting = domainConfig.readSettingAsLong( PwmSetting.IDLE_TIMEOUT_SECONDS );
             results.add( new MaxIdleTimeoutResult(
                     MaxIdleTimeoutResult.reasonFor( PwmSetting.IDLE_TIMEOUT_SECONDS, null ),
                     TimeDuration.of( idleSecondsSetting, TimeDuration.Unit.SECONDS ) ) );
         }
 
-        if ( configuration.readSettingAsBoolean( PwmSetting.HELPDESK_ENABLE ) )
+        if ( domainConfig.readSettingAsBoolean( PwmSetting.HELPDESK_ENABLE ) )
         {
             final String helpdeskProfileID = userInfo.getProfileIDs().get( ProfileDefinition.Helpdesk );
             if ( !StringUtil.isEmpty( helpdeskProfileID ) )
             {
-                final HelpdeskProfile helpdeskProfile = configuration.getHelpdeskProfiles().get( helpdeskProfileID );
+                final HelpdeskProfile helpdeskProfile = domainConfig.getHelpdeskProfiles().get( helpdeskProfileID );
                 final long helpdeskIdleTimeout = helpdeskProfile.readSettingAsLong( PwmSetting.HELPDESK_IDLE_TIMEOUT_SECONDS );
                 results.add( new MaxIdleTimeoutResult(
                         MaxIdleTimeoutResult.reasonFor( PwmSetting.HELPDESK_IDLE_TIMEOUT_SECONDS, helpdeskProfileID ),
@@ -129,12 +129,12 @@ public class IdleTimeoutCalculator
             }
         }
 
-        if ( configuration.readSettingAsBoolean( PwmSetting.PEOPLE_SEARCH_ENABLE ) )
+        if ( domainConfig.readSettingAsBoolean( PwmSetting.PEOPLE_SEARCH_ENABLE ) )
         {
             final String peopleSearchID = userInfo.getProfileIDs().get( ProfileDefinition.PeopleSearch );
             if ( !StringUtil.isEmpty( peopleSearchID ) )
             {
-                final PeopleSearchProfile peopleSearchProfile = configuration.getPeopleSearchProfiles().get( peopleSearchID );
+                final PeopleSearchProfile peopleSearchProfile = domainConfig.getPeopleSearchProfiles().get( peopleSearchID );
                 final long peopleSearchIdleTimeout = peopleSearchProfile.readSettingAsLong( PwmSetting.PEOPLE_SEARCH_IDLE_TIMEOUT_SECONDS );
                 if ( peopleSearchIdleTimeout > 0 )
                 {
@@ -148,7 +148,7 @@ public class IdleTimeoutCalculator
 
         if ( userIsAdmin )
         {
-            final long configEditorIdleTimeout = Long.parseLong( configuration.readAppProperty( AppProperty.CONFIG_EDITOR_IDLE_TIMEOUT ) );
+            final long configEditorIdleTimeout = Long.parseLong( domainConfig.readAppProperty( AppProperty.CONFIG_EDITOR_IDLE_TIMEOUT ) );
             results.add( new MaxIdleTimeoutResult(
                     "Config Editor Idle Timeout",
                     TimeDuration.of( configEditorIdleTimeout, TimeDuration.Unit.SECONDS ) ) );
@@ -181,15 +181,15 @@ public class IdleTimeoutCalculator
             throws PwmUnrecoverableException
     {
         final PwmURL pwmURL = pwmRequest.getURL();
-        final PwmApplication pwmApplication = pwmRequest.getPwmApplication();
+        final PwmDomain pwmDomain = pwmRequest.getPwmApplication();
         final PwmSession pwmSession = pwmRequest.getPwmSession();
 
         if ( pwmURL.isResourceURL() )
         {
-            return figureMaxSessionTimeout( pwmApplication, pwmSession ).getIdleTimeout();
+            return figureMaxSessionTimeout( pwmDomain, pwmSession ).getIdleTimeout();
         }
 
-        final Configuration config = pwmApplication.getConfig();
+        final DomainConfig config = pwmDomain.getConfig();
         if ( pwmURL.isPwmServletURL( PwmServletDefinition.Helpdesk ) )
         {
             if ( config.readSettingAsBoolean( PwmSetting.HELPDESK_ENABLE ) )
@@ -229,7 +229,7 @@ public class IdleTimeoutCalculator
         {
             try
             {
-                if ( pwmSession.getSessionManager().checkPermission( pwmApplication, Permission.PWMADMIN ) )
+                if ( pwmSession.getSessionManager().checkPermission( pwmDomain, Permission.PWMADMIN ) )
                 {
                     final long configEditorIdleTimeout = Long.parseLong( config.readAppProperty( AppProperty.CONFIG_EDITOR_IDLE_TIMEOUT ) );
                     if ( configEditorIdleTimeout > 0 )
@@ -246,7 +246,7 @@ public class IdleTimeoutCalculator
 
         if ( pwmURL.isPwmServletURL( PwmServletDefinition.ConfigGuide ) )
         {
-            if ( pwmApplication.getApplicationMode() == PwmApplicationMode.NEW )
+            if ( pwmDomain.getApplicationMode() == PwmApplicationMode.NEW )
             {
                 final long configGuideIdleTimeout = Long.parseLong( config.readAppProperty( AppProperty.CONFIG_GUIDE_IDLE_TIMEOUT ) );
                 if ( configGuideIdleTimeout > 0 )

server/src/main/java/password/pwm/http/PwmHttpRequestWrapper.java

@@ -23,7 +23,7 @@ package password.pwm.http;
 import com.google.gson.JsonParseException;
 import password.pwm.AppProperty;
 import password.pwm.PwmConstants;
-import password.pwm.config.Configuration;
+import password.pwm.config.DomainConfig;
 import password.pwm.error.PwmError;
 import password.pwm.error.PwmUnrecoverableException;
 import password.pwm.util.PasswordData;
@@ -52,7 +52,7 @@ import java.util.Set;
 public class PwmHttpRequestWrapper
 {
     private final HttpServletRequest httpServletRequest;
-    private final Configuration configuration;
+    private final DomainConfig domainConfig;
 
     private static final Set<String> HTTP_PARAM_DEBUG_STRIP_VALUES =
             Collections.unmodifiableSet( new HashSet<>( Arrays.asList(
@@ -71,10 +71,10 @@ public class PwmHttpRequestWrapper
         BypassValidation
     }
 
-    public PwmHttpRequestWrapper( final HttpServletRequest request, final Configuration configuration )
+    public PwmHttpRequestWrapper( final HttpServletRequest request, final DomainConfig domainConfig )
     {
         this.httpServletRequest = request;
-        this.configuration = configuration;
+        this.domainConfig = domainConfig;
     }
 
     public HttpServletRequest getHttpServletRequest( )
@@ -102,7 +102,7 @@ public class PwmHttpRequestWrapper
     public String readRequestBodyAsString( )
             throws IOException, PwmUnrecoverableException
     {
-        final int maxChars = Integer.parseInt( configuration.readAppProperty( AppProperty.HTTP_BODY_MAXREAD_LENGTH ) );
+        final int maxChars = Integer.parseInt( domainConfig.readAppProperty( AppProperty.HTTP_BODY_MAXREAD_LENGTH ) );
         return readRequestBodyAsString( maxChars );
     }
 
@@ -119,9 +119,9 @@ public class PwmHttpRequestWrapper
         final String bodyString = readRequestBodyAsString();
         final Map<String, String> inputMap = JsonUtil.deserializeStringMap( bodyString );
 
-        final boolean trim = Boolean.parseBoolean( configuration.readAppProperty( AppProperty.SECURITY_INPUT_TRIM ) );
-        final boolean passwordTrim = Boolean.parseBoolean( configuration.readAppProperty( AppProperty.SECURITY_INPUT_PASSWORD_TRIM ) );
-        final int maxLength = Integer.parseInt( configuration.readAppProperty( AppProperty.HTTP_PARAM_MAX_READ_LENGTH ) );
+        final boolean trim = Boolean.parseBoolean( domainConfig.readAppProperty( AppProperty.SECURITY_INPUT_TRIM ) );
+        final boolean passwordTrim = Boolean.parseBoolean( domainConfig.readAppProperty( AppProperty.SECURITY_INPUT_PASSWORD_TRIM ) );
+        final int maxLength = Integer.parseInt( domainConfig.readAppProperty( AppProperty.HTTP_PARAM_MAX_READ_LENGTH ) );
 
         final Map<String, String> outputMap = new LinkedHashMap<>();
         if ( inputMap != null )
@@ -135,11 +135,11 @@ public class PwmHttpRequestWrapper
                     String value;
                     value = bypassInputValidation
                             ? entry.getValue()
-                            : Validator.sanitizeInputValue( configuration, entry.getValue(), maxLength );
+                            : Validator.sanitizeInputValue( domainConfig, entry.getValue(), maxLength );
                     value = passwordType && passwordTrim ? value.trim() : value;
                     value = !passwordType && trim ? value.trim() : value;
 
-                    final String sanitizedName = Validator.sanitizeInputValue( configuration, key, maxLength );
+                    final String sanitizedName = Validator.sanitizeInputValue( domainConfig, key, maxLength );
                     outputMap.put( sanitizedName, value );
                 }
             }
@@ -155,9 +155,9 @@ public class PwmHttpRequestWrapper
         final String bodyString = readRequestBodyAsString();
         final Map<String, Object> inputMap = JsonUtil.deserializeMap( bodyString );
 
-        final boolean trim = Boolean.parseBoolean( configuration.readAppProperty( AppProperty.SECURITY_INPUT_TRIM ) );
-        final boolean passwordTrim = Boolean.parseBoolean( configuration.readAppProperty( AppProperty.SECURITY_INPUT_PASSWORD_TRIM ) );
-        final int maxLength = Integer.parseInt( configuration.readAppProperty( AppProperty.HTTP_PARAM_MAX_READ_LENGTH ) );
+        final boolean trim = Boolean.parseBoolean( domainConfig.readAppProperty( AppProperty.SECURITY_INPUT_TRIM ) );
+        final boolean passwordTrim = Boolean.parseBoolean( domainConfig.readAppProperty( AppProperty.SECURITY_INPUT_PASSWORD_TRIM ) );
+        final int maxLength = Integer.parseInt( domainConfig.readAppProperty( AppProperty.HTTP_PARAM_MAX_READ_LENGTH ) );
 
         final Map<String, Object> outputMap = new LinkedHashMap<>();
         if ( inputMap != null )
@@ -173,7 +173,7 @@ public class PwmHttpRequestWrapper
                     {
                         String stringValue = bypassInputValidation
                                 ? ( String ) entry.getValue()
-                                : Validator.sanitizeInputValue( configuration, ( String ) entry.getValue(), maxLength );
+                                : Validator.sanitizeInputValue( domainConfig, ( String ) entry.getValue(), maxLength );
                         stringValue = passwordType && passwordTrim ? stringValue.trim() : stringValue;
                         stringValue = !passwordType && trim ? stringValue.trim() : stringValue;
                         value = stringValue;
@@ -183,7 +183,7 @@ public class PwmHttpRequestWrapper
                         value = entry.getValue();
                     }
 
-                    final String sanitizedName = Validator.sanitizeInputValue( configuration, key, maxLength );
+                    final String sanitizedName = Validator.sanitizeInputValue( domainConfig, key, maxLength );
                     outputMap.put( sanitizedName, value );
                 }
             }
@@ -195,14 +195,14 @@ public class PwmHttpRequestWrapper
     public PasswordData readParameterAsPassword( final String name )
             throws PwmUnrecoverableException
     {
-        final int maxLength = Integer.parseInt( configuration.readAppProperty( AppProperty.HTTP_PARAM_MAX_READ_LENGTH ) );
-        final boolean trim = Boolean.parseBoolean( configuration.readAppProperty( AppProperty.SECURITY_INPUT_PASSWORD_TRIM ) );
+        final int maxLength = Integer.parseInt( domainConfig.readAppProperty( AppProperty.HTTP_PARAM_MAX_READ_LENGTH ) );
+        final boolean trim = Boolean.parseBoolean( domainConfig.readAppProperty( AppProperty.SECURITY_INPUT_PASSWORD_TRIM ) );
 
         final String rawValue = httpServletRequest.getParameter( name );
         if ( rawValue != null && !rawValue.isEmpty() )
         {
             final String decodedValue = decodeStringToDefaultCharSet( rawValue );
-            final String sanitizedValue = Validator.sanitizeInputValue( configuration, decodedValue, maxLength );
+            final String sanitizedValue = Validator.sanitizeInputValue( domainConfig, decodedValue, maxLength );
             if ( sanitizedValue != null )
             {
                 final String trimmedVale = trim ? sanitizedValue.trim() : sanitizedValue;
@@ -227,7 +227,7 @@ public class PwmHttpRequestWrapper
     public String readParameterAsString( final String name, final String valueIfNotPresent )
             throws PwmUnrecoverableException
     {
-        final int maxLength = Integer.parseInt( configuration.readAppProperty( AppProperty.HTTP_PARAM_MAX_READ_LENGTH ) );
+        final int maxLength = Integer.parseInt( domainConfig.readAppProperty( AppProperty.HTTP_PARAM_MAX_READ_LENGTH ) );
         final String returnValue = readParameterAsString( name, maxLength );
         return returnValue == null || returnValue.isEmpty() ? valueIfNotPresent : returnValue;
     }
@@ -241,7 +241,7 @@ public class PwmHttpRequestWrapper
     public String readParameterAsString( final String name, final Flag... flags )
             throws PwmUnrecoverableException
     {
-        final int maxLength = Integer.parseInt( configuration.readAppProperty( AppProperty.HTTP_PARAM_MAX_READ_LENGTH ) );
+        final int maxLength = Integer.parseInt( domainConfig.readAppProperty( AppProperty.HTTP_PARAM_MAX_READ_LENGTH ) );
         return readParameterAsString( name, maxLength, flags );
     }
 
@@ -282,7 +282,7 @@ public class PwmHttpRequestWrapper
     {
         final boolean bypassInputValidation = flags != null && Arrays.asList( flags ).contains( Flag.BypassValidation );
         final HttpServletRequest req = this.getHttpServletRequest();
-        final boolean trim = Boolean.parseBoolean( configuration.readAppProperty( AppProperty.SECURITY_INPUT_TRIM ) );
+        final boolean trim = Boolean.parseBoolean( domainConfig.readAppProperty( AppProperty.SECURITY_INPUT_TRIM ) );
         final String[] rawValues = req.getParameterValues( name );
         if ( rawValues == null || rawValues.length == 0 )
         {
@@ -295,7 +295,7 @@ public class PwmHttpRequestWrapper
             final String decodedValue = decodeStringToDefaultCharSet( rawValue );
             final String sanitizedValue = bypassInputValidation
                     ? decodedValue
-                    : Validator.sanitizeInputValue( configuration, decodedValue, maxLength );
+                    : Validator.sanitizeInputValue( domainConfig, decodedValue, maxLength );
 
             if ( sanitizedValue.length() > 0 )
             {
@@ -313,16 +313,16 @@ public class PwmHttpRequestWrapper
 
     public String readHeaderValueAsString( final String headerName )
     {
-        final int maxChars = Integer.parseInt( configuration.readAppProperty( AppProperty.HTTP_PARAM_MAX_READ_LENGTH ) );
+        final int maxChars = Integer.parseInt( domainConfig.readAppProperty( AppProperty.HTTP_PARAM_MAX_READ_LENGTH ) );
         final HttpServletRequest req = this.getHttpServletRequest();
         final String rawValue = req.getHeader( headerName );
-        final String sanitizedInputValue = Validator.sanitizeInputValue( configuration, rawValue, maxChars );
-        return Validator.sanitizeHeaderValue( configuration, sanitizedInputValue );
+        final String sanitizedInputValue = Validator.sanitizeInputValue( domainConfig, rawValue, maxChars );
+        return Validator.sanitizeHeaderValue( domainConfig, sanitizedInputValue );
     }
 
     public Map<String, List<String>> readHeaderValuesMap( )
     {
-        final int maxChars = Integer.parseInt( configuration.readAppProperty( AppProperty.HTTP_PARAM_MAX_READ_LENGTH ) );
+        final int maxChars = Integer.parseInt( domainConfig.readAppProperty( AppProperty.HTTP_PARAM_MAX_READ_LENGTH ) );
         final HttpServletRequest req = this.getHttpServletRequest();
         final Map<String, List<String>> returnObj = new LinkedHashMap<>();
 
@@ -333,8 +333,8 @@ public class PwmHttpRequestWrapper
             for ( final Enumeration<String> headerValueEnum = req.getHeaders( headerName ); headerValueEnum.hasMoreElements(); )
             {
                 final String headerValue = headerValueEnum.nextElement();
-                final String sanitizedInputValue = Validator.sanitizeInputValue( configuration, headerValue, maxChars );
-                final String sanitizedHeaderValue = Validator.sanitizeHeaderValue( configuration, sanitizedInputValue );
+                final String sanitizedInputValue = Validator.sanitizeInputValue( domainConfig, headerValue, maxChars );
+                final String sanitizedHeaderValue = Validator.sanitizeHeaderValue( domainConfig, sanitizedInputValue );
                 if ( sanitizedHeaderValue != null && !sanitizedHeaderValue.isEmpty() )
                 {
                     valueList.add( sanitizedHeaderValue );
@@ -350,12 +350,12 @@ public class PwmHttpRequestWrapper
 
     public List<String> parameterNames( )
     {
-        final int maxChars = Integer.parseInt( configuration.readAppProperty( AppProperty.HTTP_PARAM_MAX_READ_LENGTH ) );
+        final int maxChars = Integer.parseInt( domainConfig.readAppProperty( AppProperty.HTTP_PARAM_MAX_READ_LENGTH ) );
         final List<String> returnObj = new ArrayList();
         for ( final Enumeration nameEnum = getHttpServletRequest().getParameterNames(); nameEnum.hasMoreElements(); )
         {
             final String paramName = nameEnum.nextElement().toString();
-            final String returnName = Validator.sanitizeInputValue( configuration, paramName, maxChars );
+            final String returnName = Validator.sanitizeInputValue( domainConfig, paramName, maxChars );
             returnObj.add( returnName );
         }
         return Collections.unmodifiableList( returnObj );
@@ -376,7 +376,7 @@ public class PwmHttpRequestWrapper
     public Map<String, List<String>> readMultiParametersAsMap( )
             throws PwmUnrecoverableException
     {
-        final int maxLength = Integer.parseInt( configuration.readAppProperty( AppProperty.HTTP_PARAM_MAX_READ_LENGTH ) );
+        final int maxLength = Integer.parseInt( domainConfig.readAppProperty( AppProperty.HTTP_PARAM_MAX_READ_LENGTH ) );
         final Map<String, List<String>> returnObj = new HashMap<>();
         for ( final String paramName : parameterNames() )
         {
@@ -388,7 +388,7 @@ public class PwmHttpRequestWrapper
 
     public String readCookie( final String cookieName )
     {
-        final int maxChars = Integer.parseInt( configuration.readAppProperty( AppProperty.HTTP_COOKIE_MAX_READ_LENGTH ) );
+        final int maxChars = Integer.parseInt( domainConfig.readAppProperty( AppProperty.HTTP_COOKIE_MAX_READ_LENGTH ) );
         final Cookie[] cookies = this.getHttpServletRequest().getCookies();
         if ( cookies != null )
         {
@@ -398,7 +398,7 @@ public class PwmHttpRequestWrapper
                 {
                     final String rawCookieValue = cookie.getValue();
                     final String decodedCookieValue = StringUtil.urlDecode( rawCookieValue );
-                    return Validator.sanitizeInputValue( configuration, decodedCookieValue, maxChars );
+                    return Validator.sanitizeInputValue( domainConfig, decodedCookieValue, maxChars );
                 }
             }
         }
@@ -417,9 +417,9 @@ public class PwmHttpRequestWrapper
                 .orElseThrow( () -> new IllegalStateException( "http method not registered" ) );
     }
 
-    public Configuration getConfig( )
+    public DomainConfig getConfig( )
     {
-        return configuration;
+        return domainConfig;
     }
 
     public String getURLwithoutQueryString( )

server/src/main/java/password/pwm/http/PwmHttpResponseWrapper.java

@@ -21,9 +21,9 @@
 package password.pwm.http;
 
 import password.pwm.AppProperty;
-import password.pwm.PwmApplication;
+import password.pwm.PwmDomain;
 import password.pwm.PwmConstants;
-import password.pwm.config.Configuration;
+import password.pwm.config.DomainConfig;
 import password.pwm.error.PwmUnrecoverableException;
 import password.pwm.http.filter.CookieManagementFilter;
 import password.pwm.util.Validator;
@@ -44,7 +44,7 @@ public class PwmHttpResponseWrapper
 
     private final HttpServletRequest httpServletRequest;
     private final HttpServletResponse httpServletResponse;
-    private final Configuration configuration;
+    private final DomainConfig domainConfig;
 
     public enum CookiePath
     {
@@ -85,12 +85,12 @@ public class PwmHttpResponseWrapper
     protected PwmHttpResponseWrapper(
             final HttpServletRequest request,
             final HttpServletResponse response,
-            final Configuration configuration
+            final DomainConfig domainConfig
     )
     {
         this.httpServletRequest = request;
         this.httpServletResponse = response;
-        this.configuration = configuration;
+        this.domainConfig = domainConfig;
     }
 
     public HttpServletResponse getHttpServletResponse( )
@@ -101,7 +101,7 @@ public class PwmHttpResponseWrapper
     public void sendRedirect( final String url )
             throws IOException
     {
-        this.httpServletResponse.sendRedirect( Validator.sanitizeHeaderValue( configuration, url ) );
+        this.httpServletResponse.sendRedirect( Validator.sanitizeHeaderValue( domainConfig, url ) );
     }
 
     public boolean isCommitted( )
@@ -112,8 +112,8 @@ public class PwmHttpResponseWrapper
     public void setHeader( final HttpHeader headerName, final String value )
     {
         this.httpServletResponse.setHeader(
-                Validator.sanitizeHeaderValue( configuration, headerName.getHttpName() ),
-                Validator.sanitizeHeaderValue( configuration, value )
+                Validator.sanitizeHeaderValue( domainConfig, headerName.getHttpName() ),
+                Validator.sanitizeHeaderValue( domainConfig, value )
         );
     }
 
@@ -164,7 +164,7 @@ public class PwmHttpResponseWrapper
 
         final boolean secureFlag;
         {
-            final String configValue = configuration.readAppProperty( AppProperty.HTTP_COOKIE_DEFAULT_SECURE_FLAG );
+            final String configValue = domainConfig.readAppProperty( AppProperty.HTTP_COOKIE_DEFAULT_SECURE_FLAG );
             if ( configValue == null || "auto".equalsIgnoreCase( configValue ) )
             {
                 secureFlag = this.httpServletRequest.isSecure();
@@ -175,7 +175,7 @@ public class PwmHttpResponseWrapper
             }
         }
 
-        final boolean httpOnlyEnabled = Boolean.parseBoolean( configuration.readAppProperty( AppProperty.HTTP_COOKIE_HTTPONLY_ENABLE ) );
+        final boolean httpOnlyEnabled = Boolean.parseBoolean( domainConfig.readAppProperty( AppProperty.HTTP_COOKIE_HTTPONLY_ENABLE ) );
         final boolean httpOnly = httpOnlyEnabled && !JavaHelper.enumArrayContainsValue( flags, Flag.NonHttpOnly );
 
         final String value;
@@ -193,7 +193,7 @@ public class PwmHttpResponseWrapper
                 else
                 {
                     value = StringUtil.urlEncode(
-                            Validator.sanitizeHeaderValue( configuration, cookieValue )
+                            Validator.sanitizeHeaderValue( domainConfig, cookieValue )
                     );
                 }
             }
@@ -215,11 +215,11 @@ public class PwmHttpResponseWrapper
 
     void addSameSiteCookieAttribute( )
     {
-        final PwmApplication pwmApplication;
+        final PwmDomain pwmDomain;
         try
         {
-            pwmApplication = ContextManager.getPwmApplication( this.httpServletRequest );
-            final String value = pwmApplication.getConfig().readAppProperty( AppProperty.HTTP_COOKIE_SAMESITE_VALUE );
+            pwmDomain = ContextManager.getPwmApplication( this.httpServletRequest );
+            final String value = pwmDomain.getConfig().readAppProperty( AppProperty.HTTP_COOKIE_SAMESITE_VALUE );
             CookieManagementFilter.addSameSiteCookieAttribute( httpServletResponse, value );
         }
         catch ( final PwmUnrecoverableException e )

server/src/main/java/password/pwm/http/PwmRequest.java

@@ -26,7 +26,7 @@ import org.apache.commons.fileupload.FileItemStream;
 import org.apache.commons.fileupload.servlet.ServletFileUpload;
 import org.apache.commons.io.IOUtils;
 import password.pwm.AppProperty;
-import password.pwm.PwmApplication;
+import password.pwm.PwmDomain;
 import password.pwm.PwmApplicationMode;
 import password.pwm.PwmConstants;
 import password.pwm.bean.LocalSessionStateBean;
@@ -81,7 +81,7 @@ public class PwmRequest extends PwmHttpRequestWrapper
     private final PwmURL pwmURL;
     private final PwmRequestID pwmRequestID;
 
-    private final transient PwmApplication pwmApplication;
+    private final transient PwmDomain pwmDomain;
     private final transient PwmSession pwmSession;
     private final transient Supplier<SessionLabel> sessionLabelLazySupplier = new LazySupplier<>( this::makeSessionLabel );
 
@@ -99,8 +99,8 @@ public class PwmRequest extends PwmHttpRequestWrapper
         if ( pwmRequest == null )
         {
             final PwmSession pwmSession = PwmSessionWrapper.readPwmSession( request );
-            final PwmApplication pwmApplication = ContextManager.getPwmApplication( request );
-            pwmRequest = new PwmRequest( request, response, pwmApplication, pwmSession );
+            final PwmDomain pwmDomain = ContextManager.getPwmApplication( request );
+            pwmRequest = new PwmRequest( request, response, pwmDomain, pwmSession );
             request.setAttribute( PwmRequestAttribute.PwmRequest.toString(), pwmRequest );
         }
         return pwmRequest;
@@ -109,22 +109,22 @@ public class PwmRequest extends PwmHttpRequestWrapper
     private PwmRequest(
             final HttpServletRequest httpServletRequest,
             final HttpServletResponse httpServletResponse,
-            final PwmApplication pwmApplication,
+            final PwmDomain pwmDomain,
             final PwmSession pwmSession
     )
             throws PwmUnrecoverableException
     {
-        super( httpServletRequest, pwmApplication.getConfig() );
+        super( httpServletRequest, pwmDomain.getConfig() );
         this.pwmRequestID = PwmRequestID.next();
-        this.pwmResponse = new PwmResponse( httpServletResponse, this, pwmApplication.getConfig() );
+        this.pwmResponse = new PwmResponse( httpServletResponse, this, pwmDomain.getConfig() );
         this.pwmSession = pwmSession;
-        this.pwmApplication = pwmApplication;
+        this.pwmDomain = pwmDomain;
         this.pwmURL = new PwmURL( this.getHttpServletRequest() );
     }
 
-    public PwmApplication getPwmApplication( )
+    public PwmDomain getPwmApplication( )
     {
-        return pwmApplication;
+        return pwmDomain;
     }
 
     public PwmSession getPwmSession( )
@@ -495,7 +495,7 @@ public class PwmRequest extends PwmHttpRequestWrapper
     )
     {
         final LocalSessionStateBean ssBean = this.getPwmSession().getSessionStateBean();
-        return ssBean.getLogoutURL() == null ? pwmApplication.getConfig().readSettingAsString( PwmSetting.URL_LOGOUT ) : ssBean.getLogoutURL();
+        return ssBean.getLogoutURL() == null ? pwmDomain.getConfig().readSettingAsString( PwmSetting.URL_LOGOUT ) : ssBean.getLogoutURL();
     }
 
     public String getCspNonce( )
@@ -506,7 +506,7 @@ public class PwmRequest extends PwmHttpRequestWrapper
             if ( getAttribute( PwmRequestAttribute.CspNonce ) == null )
             {
                 final int nonceLength = Integer.parseInt( getConfig().readAppProperty( AppProperty.HTTP_HEADER_CSP_NONCE_BYTES ) );
-                final byte[] cspNonce = pwmApplication.getSecureService().pwmRandom().newBytes( nonceLength );
+                final byte[] cspNonce = pwmDomain.getSecureService().pwmRandom().newBytes( nonceLength );
                 final String cspString = StringUtil.base64Encode( cspNonce );
                 setAttribute( PwmRequestAttribute.CspNonce, cspString );
             }
@@ -526,7 +526,7 @@ public class PwmRequest extends PwmHttpRequestWrapper
         if ( strValue != null && !strValue.isEmpty() )
         {
             final PwmSecurityKey pwmSecurityKey = pwmSession.getSecurityKey( this );
-            return pwmApplication.getSecureService().decryptObject( strValue, pwmSecurityKey, returnClass );
+            return pwmDomain.getSecureService().decryptObject( strValue, pwmSecurityKey, returnClass );
         }
 
         return null;
@@ -582,7 +582,7 @@ public class PwmRequest extends PwmHttpRequestWrapper
 
     public boolean endUserFunctionalityAvailable( )
     {
-        final PwmApplicationMode mode = pwmApplication.getApplicationMode();
+        final PwmApplicationMode mode = pwmDomain.getApplicationMode();
         if ( mode == PwmApplicationMode.NEW )
         {
             return false;
@@ -600,7 +600,7 @@ public class PwmRequest extends PwmHttpRequestWrapper
 
     public PwmRequestContext getPwmRequestContext()
     {
-        return new PwmRequestContext( pwmApplication, this.getLabel(), this.getLocale(), pwmRequestID );
+        return new PwmRequestContext( pwmDomain, this.getLabel(), this.getLocale(), pwmRequestID );
     }
 
     public String getPwmRequestID()

server/src/main/java/password/pwm/http/PwmRequestContext.java

@@ -21,9 +21,9 @@
 package password.pwm.http;
 
 import lombok.Value;
-import password.pwm.PwmApplication;
+import password.pwm.PwmDomain;
 import password.pwm.bean.SessionLabel;
-import password.pwm.config.Configuration;
+import password.pwm.config.DomainConfig;
 import password.pwm.http.servlet.PwmRequestID;
 
 import java.util.Locale;
@@ -31,13 +31,13 @@ import java.util.Locale;
 @Value
 public class PwmRequestContext
 {
-    final PwmApplication pwmApplication;
-    final SessionLabel sessionLabel;
-    final Locale locale;
-    final PwmRequestID requestID;
+    private final PwmDomain pwmDomain;
+    private final SessionLabel sessionLabel;
+    private final Locale locale;
+    private final PwmRequestID requestID;
 
-    public Configuration getConfig()
+    public DomainConfig getConfig()
     {
-        return pwmApplication.getConfig();
+        return pwmDomain.getConfig();
     }
 }

server/src/main/java/password/pwm/http/PwmResponse.java

@@ -22,8 +22,8 @@ package password.pwm.http;
 
 import edu.umd.cs.findbugs.annotations.SuppressFBWarnings;
 import org.apache.commons.lang3.exception.ExceptionUtils;
-import password.pwm.PwmApplication;
-import password.pwm.config.Configuration;
+import password.pwm.PwmDomain;
+import password.pwm.config.DomainConfig;
 import password.pwm.config.PwmSetting;
 import password.pwm.error.ErrorInformation;
 import password.pwm.error.PwmUnrecoverableException;
@@ -81,10 +81,10 @@ public class PwmResponse extends PwmHttpResponseWrapper
     public PwmResponse(
             final HttpServletResponse response,
             final PwmRequest pwmRequest,
-            final Configuration configuration
+            final DomainConfig domainConfig
     )
     {
-        super( pwmRequest.getHttpServletRequest(), response, configuration );
+        super( pwmRequest.getHttpServletRequest(), response, domainConfig );
         this.pwmRequest = pwmRequest;
     }
 
@@ -128,10 +128,10 @@ public class PwmResponse extends PwmHttpResponseWrapper
             throws ServletException, PwmUnrecoverableException, IOException
 
     {
-        final PwmApplication pwmApplication = pwmRequest.getPwmApplication();
+        final PwmDomain pwmDomain = pwmRequest.getPwmApplication();
         this.pwmRequest.setAttribute( PwmRequestAttribute.SuccessMessage, message );
 
-        final boolean showMessage = !pwmApplication.getConfig().readSettingAsBoolean( PwmSetting.DISPLAY_SUCCESS_PAGES )
+        final boolean showMessage = !pwmDomain.getConfig().readSettingAsBoolean( PwmSetting.DISPLAY_SUCCESS_PAGES )
                 && !Arrays.asList( flags ).contains( Flag.AlwaysShowMessage );
 
         if ( showMessage )

server/src/main/java/password/pwm/http/PwmSession.java

@@ -22,7 +22,7 @@ package password.pwm.http;
 
 import edu.umd.cs.findbugs.annotations.SuppressFBWarnings;
 import password.pwm.AppProperty;
-import password.pwm.PwmApplication;
+import password.pwm.PwmDomain;
 import password.pwm.PwmConstants;
 import password.pwm.bean.LocalSessionStateBean;
 import password.pwm.bean.LoginInfoBean;
@@ -64,7 +64,7 @@ public class PwmSession implements Serializable
 
     private static final PwmLogger LOGGER = PwmLogger.forClass( PwmSession.class );
 
-    private final transient PwmApplication pwmApplication;
+    private final transient PwmDomain pwmDomain;
 
     @SuppressFBWarnings( "SE_TRANSIENT_FIELD_NOT_RESTORED" )
     private final transient LocalSessionStateBean sessionStateBean = new LocalSessionStateBean();
@@ -80,13 +80,13 @@ public class PwmSession implements Serializable
     private final Lock securityKeyLock = new ReentrantLock();
     private final transient SessionManager sessionManager;
 
-    public static PwmSession createPwmSession( final PwmApplication pwmApplication )
+    public static PwmSession createPwmSession( final PwmDomain pwmDomain )
             throws PwmUnrecoverableException
     {
         CREATION_LOCK.lock();
         try
         {
-            return new PwmSession( pwmApplication );
+            return new PwmSession( pwmDomain );
         }
         finally
         {
@@ -94,26 +94,26 @@ public class PwmSession implements Serializable
         }
     }
 
-    private PwmSession( final PwmApplication pwmApplication )
+    private PwmSession( final PwmDomain pwmDomain )
             throws PwmUnrecoverableException
     {
-        if ( pwmApplication == null )
+        if ( pwmDomain == null )
         {
             throw new IllegalStateException( "PwmApplication must be available during session creation" );
         }
 
-        this.pwmApplication = pwmApplication;
-        this.sessionStateBean.setSessionID( pwmApplication.getSessionTrackService().generateNewSessionID() );
+        this.pwmDomain = pwmDomain;
+        this.sessionStateBean.setSessionID( pwmDomain.getSessionTrackService().generateNewSessionID() );
 
         this.sessionStateBean.setSessionLastAccessedTime( Instant.now() );
 
-        if ( pwmApplication.getStatisticsManager() != null )
+        if ( pwmDomain.getStatisticsManager() != null )
         {
-            pwmApplication.getStatisticsManager().incrementValue( Statistic.HTTP_SESSIONS );
+            pwmDomain.getStatisticsManager().incrementValue( Statistic.HTTP_SESSIONS );
         }
 
-        pwmApplication.getSessionTrackService().addSessionData( this );
-        this.sessionManager = new SessionManager( pwmApplication, this );
+        pwmDomain.getSessionTrackService().addSessionData( this );
+        this.sessionManager = new SessionManager( pwmDomain, this );
 
         LOGGER.trace( () -> "created new session" );
     }
@@ -152,23 +152,23 @@ public class PwmSession implements Serializable
     {
         LOGGER.trace( () -> "performing reloadUserInfoBean" );
         final UserInfo oldUserInfoBean = getUserInfo();
-        final PwmApplication pwmApplication = pwmRequest.getPwmApplication();
+        final PwmDomain pwmDomain = pwmRequest.getPwmApplication();
 
         final UserInfo userInfo;
         if ( getLoginInfoBean().getAuthFlags().contains( AuthenticationType.AUTH_BIND_INHIBIT ) )
         {
             userInfo = UserInfoFactory.newUserInfo(
-                    pwmApplication,
+                    pwmDomain,
                     pwmRequest.getLabel(),
                     getSessionStateBean().getLocale(),
                     oldUserInfoBean.getUserIdentity(),
-                    pwmApplication.getProxyChaiProvider( oldUserInfoBean.getUserIdentity().getLdapProfileID() )
+                    pwmDomain.getProxyChaiProvider( oldUserInfoBean.getUserIdentity().getLdapProfileID() )
             );
         }
         else
         {
             userInfo = UserInfoFactory.newUserInfoUsingProxy(
-                    pwmApplication,
+                    pwmDomain,
                     pwmRequest.getLabel(),
                     oldUserInfoBean.getUserIdentity(),
                     getSessionStateBean().getLocale(),
@@ -327,14 +327,14 @@ public class PwmSession implements Serializable
     public boolean setLocale( final PwmRequest pwmRequest, final String localeString )
             throws PwmUnrecoverableException
     {
-        final PwmApplication pwmApplication = pwmRequest.getPwmApplication();
-        if ( pwmApplication == null )
+        final PwmDomain pwmDomain = pwmRequest.getPwmApplication();
+        if ( pwmDomain == null )
         {
             throw new PwmUnrecoverableException( new ErrorInformation( PwmError.ERROR_APP_UNAVAILABLE, "unable to read context manager" ) );
         }
 
         final LocalSessionStateBean ssBean = this.getSessionStateBean();
-        final List<Locale> knownLocales = pwmApplication.getConfig().getKnownLocales();
+        final List<Locale> knownLocales = pwmDomain.getConfig().getKnownLocales();
         final Locale requestedLocale = LocaleHelper.parseLocaleString( localeString );
         if ( knownLocales.contains( requestedLocale ) || "default".equalsIgnoreCase( localeString ) )
         {

server/src/main/java/password/pwm/http/PwmSessionWrapper.java

@@ -20,7 +20,7 @@
 
 package password.pwm.http;
 
-import password.pwm.PwmApplication;
+import password.pwm.PwmDomain;
 import password.pwm.PwmConstants;
 import password.pwm.error.ErrorInformation;
 import password.pwm.error.PwmError;
@@ -43,7 +43,7 @@ public class PwmSessionWrapper
     }
 
     public static void sessionMerge(
-            final PwmApplication pwmApplication,
+            final PwmDomain pwmDomain,
             final PwmSession pwmSession,
             final HttpSession httpSession
     )
@@ -51,7 +51,7 @@ public class PwmSessionWrapper
     {
         httpSession.setAttribute( PwmConstants.SESSION_ATTR_PWM_SESSION, pwmSession );
 
-        setHttpSessionIdleTimeout( pwmApplication, pwmSession, httpSession );
+        setHttpSessionIdleTimeout( pwmDomain, pwmSession, httpSession );
     }
 
 
@@ -75,13 +75,13 @@ public class PwmSessionWrapper
     }
 
     public static void setHttpSessionIdleTimeout(
-            final PwmApplication pwmApplication,
+            final PwmDomain pwmDomain,
             final PwmSession pwmSession,
             final HttpSession httpSession
     )
             throws PwmUnrecoverableException
     {
-        final IdleTimeoutCalculator.MaxIdleTimeoutResult result = IdleTimeoutCalculator.figureMaxSessionTimeout( pwmApplication, pwmSession );
+        final IdleTimeoutCalculator.MaxIdleTimeoutResult result = IdleTimeoutCalculator.figureMaxSessionTimeout( pwmDomain, pwmSession );
         if ( httpSession.getMaxInactiveInterval() != result.getIdleTimeout().as( TimeDuration.Unit.SECONDS ) )
         {
             httpSession.setMaxInactiveInterval( ( int ) result.getIdleTimeout().as( TimeDuration.Unit.SECONDS ) );

server/src/main/java/password/pwm/http/SessionManager.java

@@ -24,7 +24,7 @@ import com.novell.ldapchai.ChaiUser;
 import com.novell.ldapchai.exception.ChaiUnavailableException;
 import com.novell.ldapchai.provider.ChaiProvider;
 import password.pwm.Permission;
-import password.pwm.PwmApplication;
+import password.pwm.PwmDomain;
 import password.pwm.bean.UserIdentity;
 import password.pwm.config.PwmSetting;
 import password.pwm.config.profile.AccountInformationProfile;
@@ -63,12 +63,12 @@ public class SessionManager
 
     private volatile ChaiProvider chaiProvider;
 
-    private final PwmApplication pwmApplication;
+    private final PwmDomain pwmDomain;
     private final PwmSession pwmSession;
 
-    public SessionManager( final PwmApplication pwmApplication, final PwmSession pwmSession )
+    public SessionManager( final PwmDomain pwmDomain, final PwmSession pwmSession )
     {
-        this.pwmApplication = pwmApplication;
+        this.pwmDomain = pwmDomain;
         this.pwmSession = pwmSession;
     }
 
@@ -107,10 +107,10 @@ public class SessionManager
         try
         {
             this.chaiProvider = LdapOperationsHelper.createChaiProvider(
-                    pwmApplication,
+                    pwmDomain,
                     pwmSession.getLabel(),
-                    userIdentity.getLdapProfile( pwmApplication.getConfig() ),
-                    pwmApplication.getConfig(),
+                    userIdentity.getLdapProfile( pwmDomain.getConfig() ),
+                    pwmDomain.getConfig(),
                     userIdentity.getUserDN(),
                     userPassword
             );
@@ -197,13 +197,13 @@ public class SessionManager
         }
     }
 
-    public boolean checkPermission( final PwmApplication pwmApplication, final Permission permission )
+    public boolean checkPermission( final PwmDomain pwmDomain, final Permission permission )
             throws PwmUnrecoverableException
     {
-        final boolean devDebugMode = pwmApplication.getConfig().isDevDebugMode();
+        final boolean devDebugMode = pwmDomain.getConfig().isDevDebugMode();
         if ( devDebugMode )
         {
-            LOGGER.trace( pwmSession.getLabel(), () -> String.format( "entering checkPermission(%s, %s, %s)", permission, pwmSession, pwmApplication ) );
+            LOGGER.trace( pwmSession.getLabel(), () -> String.format( "entering checkPermission(%s, %s, %s)", permission, pwmSession, pwmDomain ) );
         }
 
         if ( !pwmSession.isAuthenticated() )
@@ -225,8 +225,8 @@ public class SessionManager
             }
 
             final PwmSetting setting = permission.getPwmSetting();
-            final List<UserPermission> userPermission = pwmApplication.getConfig().readSettingAsUserPermission( setting );
-            final boolean result = UserPermissionUtility.testUserPermission( pwmApplication, pwmSession.getLabel(), pwmSession.getUserInfo().getUserIdentity(), userPermission );
+            final List<UserPermission> userPermission = pwmDomain.getConfig().readSettingAsUserPermission( setting );
+            final boolean result = UserPermissionUtility.testUserPermission( pwmDomain, pwmSession.getLabel(), pwmSession.getUserInfo().getUserIdentity(), userPermission );
             status = result ? Permission.PermissionStatus.GRANTED : Permission.PermissionStatus.DENIED;
             pwmSession.getUserSessionDataCacheBean().setPermission( permission, status );
 
@@ -250,10 +250,10 @@ public class SessionManager
         final UserInfo userInfoBean = pwmSession.isAuthenticated()
                 ? pwmSession.getUserInfo()
                 : null;
-        return MacroRequest.forUser( pwmApplication, pwmSession.getLabel(), userInfoBean, pwmSession.getLoginInfoBean() );
+        return MacroRequest.forUser( pwmDomain, pwmSession.getLabel(), userInfoBean, pwmSession.getLoginInfoBean() );
     }
 
-    public Profile getProfile( final PwmApplication pwmApplication, final ProfileDefinition profileDefinition ) throws PwmUnrecoverableException
+    public Profile getProfile( final PwmDomain pwmDomain, final ProfileDefinition profileDefinition ) throws PwmUnrecoverableException
     {
         if ( profileDefinition.isAuthenticated() && !pwmSession.isAuthenticated() )
         {
@@ -263,43 +263,43 @@ public class SessionManager
         final String profileID = pwmSession.getUserInfo().getProfileIDs().get( profileDefinition );
         if ( profileID != null )
         {
-            return pwmApplication.getConfig().profileMap( profileDefinition ).get( profileID );
+            return pwmDomain.getConfig().profileMap( profileDefinition ).get( profileID );
         }
         throw new PwmUnrecoverableException( PwmError.ERROR_NO_PROFILE_ASSIGNED );
     }
 
     public HelpdeskProfile getHelpdeskProfile() throws PwmUnrecoverableException
     {
-        return ( HelpdeskProfile ) getProfile( pwmApplication, ProfileDefinition.Helpdesk );
+        return ( HelpdeskProfile ) getProfile( pwmDomain, ProfileDefinition.Helpdesk );
     }
 
     public SetupOtpProfile getSetupOTPProfile() throws PwmUnrecoverableException
     {
-        return ( SetupOtpProfile ) getProfile( pwmApplication, ProfileDefinition.SetupOTPProfile );
+        return ( SetupOtpProfile ) getProfile( pwmDomain, ProfileDefinition.SetupOTPProfile );
     }
 
     public UpdateProfileProfile getUpdateAttributeProfile() throws PwmUnrecoverableException
     {
-        return ( UpdateProfileProfile ) getProfile( pwmApplication, ProfileDefinition.UpdateAttributes );
+        return ( UpdateProfileProfile ) getProfile( pwmDomain, ProfileDefinition.UpdateAttributes );
     }
 
     public PeopleSearchProfile getPeopleSearchProfile() throws PwmUnrecoverableException
     {
-        return ( PeopleSearchProfile ) getProfile( pwmApplication, ProfileDefinition.PeopleSearch );
+        return ( PeopleSearchProfile ) getProfile( pwmDomain, ProfileDefinition.PeopleSearch );
     }
 
     public DeleteAccountProfile getSelfDeleteProfile() throws PwmUnrecoverableException
     {
-        return ( DeleteAccountProfile ) getProfile( pwmApplication, ProfileDefinition.DeleteAccount );
+        return ( DeleteAccountProfile ) getProfile( pwmDomain, ProfileDefinition.DeleteAccount );
     }
 
     public ChangePasswordProfile getChangePasswordProfile() throws PwmUnrecoverableException
     {
-        return ( ChangePasswordProfile ) getProfile( pwmApplication, ProfileDefinition.ChangePassword );
+        return ( ChangePasswordProfile ) getProfile( pwmDomain, ProfileDefinition.ChangePassword );
     }
 
     public AccountInformationProfile getAccountInfoProfile() throws PwmUnrecoverableException
     {
-        return ( AccountInformationProfile ) getProfile( pwmApplication, ProfileDefinition.AccountInformation );
+        return ( AccountInformationProfile ) getProfile( pwmDomain, ProfileDefinition.AccountInformation );
     }
 }

server/src/main/java/password/pwm/http/auth/BasicFilterAuthenticationProvider.java

@@ -20,7 +20,7 @@
 
 package password.pwm.http.auth;
 
-import password.pwm.PwmApplication;
+import password.pwm.PwmDomain;
 import password.pwm.bean.UserIdentity;
 import password.pwm.config.PwmSetting;
 import password.pwm.error.PwmError;
@@ -65,16 +65,16 @@ public class BasicFilterAuthenticationProvider implements PwmHttpFilterAuthentic
         try
         {
             final PwmSession pwmSession = pwmRequest.getPwmSession();
-            final PwmApplication pwmApplication = pwmRequest.getPwmApplication();
+            final PwmDomain pwmDomain = pwmRequest.getPwmApplication();
 
             //user isn't already authenticated and has an auth header, so try to auth them.
             LOGGER.debug( pwmRequest, () -> "attempting to authenticate user using basic auth header (username=" + basicAuthInfo.getUsername() + ")" );
             final SessionAuthenticator sessionAuthenticator = new SessionAuthenticator(
-                    pwmApplication,
+                    pwmDomain,
                     pwmRequest,
                     PwmAuthenticationSource.BASIC_AUTH
             );
-            final UserSearchEngine userSearchEngine = pwmApplication.getUserSearchEngine();
+            final UserSearchEngine userSearchEngine = pwmDomain.getUserSearchEngine();
             final UserIdentity userIdentity = userSearchEngine.resolveUsername( basicAuthInfo.getUsername(), null, null, pwmRequest.getLabel() );
             sessionAuthenticator.authenticateUser( userIdentity, basicAuthInfo.getPassword() );
             pwmSession.getLoginInfoBean().setBasicAuth( basicAuthInfo );

server/src/main/java/password/pwm/http/auth/CASFilterAuthenticationProvider.java

@@ -27,7 +27,7 @@ import org.jasig.cas.client.util.AbstractCasFilter;
 import org.jasig.cas.client.util.CommonUtils;
 import org.jasig.cas.client.util.XmlUtils;
 import org.jasig.cas.client.validation.Assertion;
-import password.pwm.PwmApplication;
+import password.pwm.PwmDomain;
 import password.pwm.PwmConstants;
 import password.pwm.config.PwmSetting;
 import password.pwm.config.value.FileValue;
@@ -130,7 +130,7 @@ public class CASFilterAuthenticationProvider implements PwmHttpFilterAuthenticat
             throws UnsupportedEncodingException, PwmUnrecoverableException, ChaiUnavailableException, PwmOperationalException
     {
         final PwmSession pwmSession = pwmRequest.getPwmSession();
-        final PwmApplication pwmApplication = pwmRequest.getPwmApplication();
+        final PwmDomain pwmDomain = pwmRequest.getPwmApplication();
         final HttpSession session = pwmRequest.getHttpServletRequest().getSession();
 
         //make sure user session isn't already authenticated
@@ -204,7 +204,7 @@ public class CASFilterAuthenticationProvider implements PwmHttpFilterAuthenticat
 
         //user isn't already authenticated and has CAS assertion and password, so try to auth them.
         LOGGER.debug( pwmRequest, () -> "attempting to authenticate user '" + username + "' using CAS assertion and password" );
-        final SessionAuthenticator sessionAuthenticator = new SessionAuthenticator( pwmApplication, pwmRequest, PwmAuthenticationSource.CAS );
+        final SessionAuthenticator sessionAuthenticator = new SessionAuthenticator( pwmDomain, pwmRequest, PwmAuthenticationSource.CAS );
         sessionAuthenticator.searchAndAuthenticateUser( username, password, null, null );
         return true;
     }

server/src/main/java/password/pwm/http/auth/SSOHeaderFilterAuthenticationProvider.java

@@ -20,7 +20,7 @@
 
 package password.pwm.http.auth;
 
-import password.pwm.PwmApplication;
+import password.pwm.PwmDomain;
 import password.pwm.config.PwmSetting;
 import password.pwm.error.PwmOperationalException;
 import password.pwm.error.PwmUnrecoverableException;
@@ -41,9 +41,9 @@ public class SSOHeaderFilterAuthenticationProvider implements PwmHttpFilterAuthe
             throws PwmUnrecoverableException
     {
         {
-            final PwmApplication pwmApplication = pwmRequest.getPwmApplication();
+            final PwmDomain pwmDomain = pwmRequest.getPwmApplication();
 
-            final String headerName = pwmApplication.getConfig().readSettingAsString( PwmSetting.SSO_AUTH_HEADER_NAME );
+            final String headerName = pwmDomain.getConfig().readSettingAsString( PwmSetting.SSO_AUTH_HEADER_NAME );
             if ( headerName == null || headerName.length() < 1 )
             {
                 return;
@@ -58,7 +58,7 @@ public class SSOHeaderFilterAuthenticationProvider implements PwmHttpFilterAuthe
 
             LOGGER.debug( pwmRequest, () -> "SSO Authentication header present in request, will search for user value of '" + headerValue + "'" );
             final SessionAuthenticator sessionAuthenticator = new SessionAuthenticator(
-                    pwmApplication,
+                    pwmDomain,
                     pwmRequest,
                     PwmAuthenticationSource.SSO_HEADER
             );

server/src/main/java/password/pwm/http/filter/ApplicationModeFilter.java

@@ -20,7 +20,7 @@
 
 package password.pwm.http.filter;
 
-import password.pwm.PwmApplication;
+import password.pwm.PwmDomain;
 import password.pwm.PwmApplicationMode;
 import password.pwm.PwmConstants;
 import password.pwm.error.ErrorInformation;
@@ -93,8 +93,8 @@ public class ApplicationModeFilter extends AbstractPwmFilter
     )
             throws IOException, ServletException, PwmUnrecoverableException
     {
-        final PwmApplication pwmApplication = pwmRequest.getPwmApplication();
-        final PwmApplicationMode mode = pwmApplication.getApplicationMode();
+        final PwmDomain pwmDomain = pwmRequest.getPwmApplication();
+        final PwmApplicationMode mode = pwmDomain.getApplicationMode();
 
         final PwmURL pwmURL = pwmRequest.getURL();
 

server/src/main/java/password/pwm/http/filter/AuthenticationFilter.java

@@ -20,7 +20,7 @@
 
 package password.pwm.http.filter;
 
-import password.pwm.PwmApplication;
+import password.pwm.PwmDomain;
 import password.pwm.PwmApplicationMode;
 import password.pwm.PwmConstants;
 import password.pwm.bean.LoginInfoBean;
@@ -81,10 +81,10 @@ public class AuthenticationFilter extends AbstractPwmFilter
 
         try
         {
-            final PwmApplication pwmApplication = pwmRequest.getPwmApplication();
+            final PwmDomain pwmDomain = pwmRequest.getPwmApplication();
             final PwmSession pwmSession = pwmRequest.getPwmSession();
 
-            if ( pwmApplication.getApplicationMode() == PwmApplicationMode.NEW )
+            if ( pwmDomain.getApplicationMode() == PwmApplicationMode.NEW )
             {
                 if ( pwmRequest.getURL().isConfigGuideURL() )
                 {
@@ -93,7 +93,7 @@ public class AuthenticationFilter extends AbstractPwmFilter
                 }
             }
 
-            if ( pwmApplication.getApplicationMode() == PwmApplicationMode.CONFIGURATION )
+            if ( pwmDomain.getApplicationMode() == PwmApplicationMode.CONFIGURATION )
             {
                 if ( pwmRequest.getURL().isConfigManagerURL() )
                 {
@@ -131,13 +131,13 @@ public class AuthenticationFilter extends AbstractPwmFilter
     )
             throws IOException, ServletException, PwmUnrecoverableException
     {
-        final PwmApplication pwmApplication = pwmRequest.getPwmApplication();
+        final PwmDomain pwmDomain = pwmRequest.getPwmApplication();
         final PwmSession pwmSession = pwmRequest.getPwmSession();
 
         // read the basic auth info out of the header (if it exists);
         if ( pwmRequest.getConfig().readSettingAsBoolean( PwmSetting.BASIC_AUTH_ENABLED ) )
         {
-            final BasicAuthInfo basicAuthInfo = BasicAuthInfo.parseAuthHeader( pwmApplication, pwmRequest );
+            final BasicAuthInfo basicAuthInfo = BasicAuthInfo.parseAuthHeader( pwmDomain, pwmRequest );
 
             final BasicAuthInfo originalBasicAuthInfo = pwmSession.getLoginInfoBean().getBasicAuth();
 
@@ -218,7 +218,7 @@ public class AuthenticationFilter extends AbstractPwmFilter
     )
             throws IOException, ServletException, PwmUnrecoverableException
     {
-        final PwmApplication pwmApplication = pwmRequest.getPwmApplication();
+        final PwmDomain pwmDomain = pwmRequest.getPwmApplication();
         final PwmSession pwmSession = pwmRequest.getPwmSession();
         final HttpServletRequest req = pwmRequest.getHttpServletRequest();
 
@@ -251,7 +251,7 @@ public class AuthenticationFilter extends AbstractPwmFilter
             return;
         }
 
-        if ( pwmApplication.getConfig().readSettingAsBoolean( PwmSetting.BASIC_AUTH_FORCE ) )
+        if ( pwmDomain.getConfig().readSettingAsBoolean( PwmSetting.BASIC_AUTH_FORCE ) )
         {
             final String displayMessage = LocaleHelper.getLocalizedMessage( Display.Title_Application, pwmRequest );
             pwmRequest.getPwmResponse().setHeader( HttpHeader.WWW_Authenticate, "Basic realm=\"" + displayMessage + "\"" );

server/src/main/java/password/pwm/http/filter/AuthorizationFilter.java

@@ -21,7 +21,7 @@
 package password.pwm.http.filter;
 
 import password.pwm.Permission;
-import password.pwm.PwmApplication;
+import password.pwm.PwmDomain;
 import password.pwm.PwmApplicationMode;
 import password.pwm.error.PwmError;
 import password.pwm.http.PwmRequest;
@@ -66,13 +66,13 @@ public class AuthorizationFilter extends AbstractPwmFilter
     {
 
         final PwmSession pwmSession = pwmRequest.getPwmSession();
-        final PwmApplication pwmApplication = pwmRequest.getPwmApplication();
+        final PwmDomain pwmDomain = pwmRequest.getPwmApplication();
 
         // if the user is not authenticated as a PWM Admin, redirect to error page.
         boolean hasPermission = false;
         try
         {
-            hasPermission = pwmSession.getSessionManager().checkPermission( pwmApplication, Permission.PWMADMIN );
+            hasPermission = pwmSession.getSessionManager().checkPermission( pwmDomain, Permission.PWMADMIN );
         }
         catch ( final Exception e )
         {

server/src/main/java/password/pwm/http/filter/CookieManagementFilter.java

@@ -21,7 +21,7 @@
 package password.pwm.http.filter;
 
 import password.pwm.AppProperty;
-import password.pwm.PwmApplication;
+import password.pwm.PwmDomain;
 import password.pwm.error.PwmUnrecoverableException;
 import password.pwm.http.ContextManager;
 import password.pwm.http.HttpHeader;
@@ -52,11 +52,11 @@ public class CookieManagementFilter implements Filter
     public void init( final FilterConfig filterConfig )
             throws ServletException
     {
-        final PwmApplication pwmApplication;
+        final PwmDomain pwmDomain;
         try
         {
-            pwmApplication = ContextManager.getPwmApplication( filterConfig.getServletContext() );
-            value = pwmApplication.getConfig().readAppProperty( AppProperty.HTTP_COOKIE_SAMESITE_VALUE );
+            pwmDomain = ContextManager.getPwmApplication( filterConfig.getServletContext() );
+            value = pwmDomain.getConfig().readAppProperty( AppProperty.HTTP_COOKIE_SAMESITE_VALUE );
         }
         catch ( final PwmUnrecoverableException e )
         {

server/src/main/java/password/pwm/http/filter/GZIPFilter.java

@@ -22,7 +22,7 @@ package password.pwm.http.filter;
 
 import com.github.ziplet.filter.compression.CompressingFilter;
 import password.pwm.AppProperty;
-import password.pwm.PwmApplication;
+import password.pwm.PwmDomain;
 import password.pwm.error.PwmUnrecoverableException;
 import password.pwm.http.ContextManager;
 import password.pwm.http.PwmURL;
@@ -52,11 +52,11 @@ public class GZIPFilter implements Filter
     public void init( final FilterConfig filterConfig )
             throws ServletException
     {
-        final PwmApplication pwmApplication;
+        final PwmDomain pwmDomain;
         try
         {
-            pwmApplication = ContextManager.getPwmApplication( filterConfig.getServletContext() );
-            enabled = Boolean.parseBoolean( pwmApplication.getConfig().readAppProperty( AppProperty.HTTP_ENABLE_GZIP ) );
+            pwmDomain = ContextManager.getPwmApplication( filterConfig.getServletContext() );
+            enabled = Boolean.parseBoolean( pwmDomain.getConfig().readAppProperty( AppProperty.HTTP_ENABLE_GZIP ) );
         }
         catch ( final PwmUnrecoverableException e )
         {

server/src/main/java/password/pwm/http/filter/RequestInitializationFilter.java

@@ -22,11 +22,11 @@ package password.pwm.http.filter;
 
 import org.apache.commons.validator.routines.InetAddressValidator;
 import password.pwm.AppProperty;
-import password.pwm.PwmApplication;
+import password.pwm.PwmDomain;
 import password.pwm.PwmApplicationMode;
 import password.pwm.PwmConstants;
 import password.pwm.bean.LocalSessionStateBean;
-import password.pwm.config.Configuration;
+import password.pwm.config.DomainConfig;
 import password.pwm.config.PwmSetting;
 import password.pwm.error.ErrorInformation;
 import password.pwm.error.PwmError;
@@ -102,25 +102,25 @@ public class RequestInitializationFilter implements Filter
         final PwmApplicationMode mode = PwmApplicationMode.determineMode( req );
         final PwmURL pwmURL = new PwmURL( req );
 
-        PwmApplication localPwmApplication = null;
+        PwmDomain localPwmDomain = null;
         try
         {
-            localPwmApplication = ContextManager.getPwmApplication( req );
+            localPwmDomain = ContextManager.getPwmApplication( req );
         }
         catch ( final PwmException e )
         {
             LOGGER.trace( () -> "unable to load pwmApplication: " + e.getMessage() );
         }
 
-        if ( localPwmApplication != null && mode == PwmApplicationMode.RUNNING )
+        if ( localPwmDomain != null && mode == PwmApplicationMode.RUNNING )
         {
-            if ( localPwmApplication.getStatisticsManager() != null )
+            if ( localPwmDomain.getStatisticsManager() != null )
             {
-                localPwmApplication.getStatisticsManager().updateEps( EpsStatistic.REQUESTS, 1 );
+                localPwmDomain.getStatisticsManager().updateEps( EpsStatistic.REQUESTS, 1 );
             }
         }
 
-        if ( localPwmApplication == null && pwmURL.isResourceURL() )
+        if ( localPwmDomain == null && pwmURL.isResourceURL() )
         {
             filterChain.doFilter( req, resp );
             return;
@@ -132,7 +132,7 @@ public class RequestInitializationFilter implements Filter
             return;
         }
 
-        if ( mode == PwmApplicationMode.ERROR || localPwmApplication == null )
+        if ( mode == PwmApplicationMode.ERROR || localPwmDomain == null )
         {
             try
             {
@@ -163,12 +163,12 @@ public class RequestInitializationFilter implements Filter
 
         try
         {
-            localPwmApplication.getActiveServletRequests().incrementAndGet();
+            localPwmDomain.getActiveServletRequests().incrementAndGet();
             initializeServletRequest( req, resp, filterChain );
         }
         finally
         {
-            localPwmApplication.getActiveServletRequests().decrementAndGet();
+            localPwmDomain.getActiveServletRequests().decrementAndGet();
         }
     }
 
@@ -271,7 +271,7 @@ public class RequestInitializationFilter implements Filter
             throws PwmUnrecoverableException
     {
         final ContextManager contextManager = ContextManager.getContextManager( request.getSession() );
-        final PwmApplication pwmApplication = contextManager.getPwmApplication();
+        final PwmDomain pwmDomain = contextManager.getPwmApplication();
 
         {
             // destroy any outdated sessions
@@ -279,7 +279,7 @@ public class RequestInitializationFilter implements Filter
             if ( httpSession != null )
             {
                 final String sessionPwmAppNonce = ( String ) httpSession.getAttribute( PwmConstants.SESSION_ATTR_PWM_APP_NONCE );
-                if ( sessionPwmAppNonce == null || !sessionPwmAppNonce.equals( pwmApplication.getRuntimeNonce() ) )
+                if ( sessionPwmAppNonce == null || !sessionPwmAppNonce.equals( pwmDomain.getRuntimeNonce() ) )
                 {
                     LOGGER.debug( () -> "invalidating http session created with non-current servlet context" );
                     httpSession.invalidate();
@@ -292,8 +292,8 @@ public class RequestInitializationFilter implements Filter
             final HttpSession httpSession = request.getSession();
             if ( httpSession.getAttribute( PwmConstants.SESSION_ATTR_PWM_SESSION ) == null )
             {
-                final PwmSession pwmSession = PwmSession.createPwmSession( pwmApplication );
-                PwmSessionWrapper.sessionMerge( pwmApplication, pwmSession, httpSession );
+                final PwmSession pwmSession = PwmSession.createPwmSession( pwmDomain );
+                PwmSessionWrapper.sessionMerge( pwmDomain, pwmSession, httpSession );
             }
         }
 
@@ -318,9 +318,9 @@ public class RequestInitializationFilter implements Filter
         {
             return;
         }
-        final PwmApplication pwmApplication = pwmRequest.getPwmApplication();
+        final PwmDomain pwmDomain = pwmRequest.getPwmApplication();
         final PwmSession pwmSession = pwmRequest.getPwmSession();
-        final Configuration config = pwmApplication.getConfig();
+        final DomainConfig config = pwmDomain.getConfig();
         final PwmResponse resp = pwmRequest.getPwmResponse();
 
         if ( resp.isCommitted() )
@@ -340,7 +340,7 @@ public class RequestInitializationFilter implements Filter
             resp.setHeader( HttpHeader.ContentLanguage, pwmRequest.getLocale().toLanguageTag() );
         }
 
-        addStaticResponseHeaders( pwmApplication, resp.getHttpServletResponse() );
+        addStaticResponseHeaders( pwmDomain, resp.getHttpServletResponse() );
 
 
         if ( pwmSession != null )
@@ -366,12 +366,12 @@ public class RequestInitializationFilter implements Filter
     }
 
     public static void addStaticResponseHeaders(
-            final PwmApplication pwmApplication,
+            final PwmDomain pwmDomain,
             final HttpServletResponse resp
     )
             throws PwmUnrecoverableException
     {
-        final Configuration config = pwmApplication.getConfig();
+        final DomainConfig config = pwmDomain.getConfig();
 
         final String serverHeader = config.readAppProperty( AppProperty.HTTP_HEADER_SERVER );
         final boolean includeXInstance = Boolean.parseBoolean( config.readAppProperty( AppProperty.HTTP_HEADER_SEND_XINSTANCE ) );
@@ -382,7 +382,7 @@ public class RequestInitializationFilter implements Filter
         final boolean includeXAmb = Boolean.parseBoolean( config.readAppProperty( AppProperty.HTTP_HEADER_SEND_XAMB ) );
 
         {
-            final String noiseHeader = makeNoiseHeader( pwmApplication, config );
+            final String noiseHeader = makeNoiseHeader( pwmDomain, config );
             if ( noiseHeader != null )
             {
                 resp.setHeader( HttpHeader.XNoise.getHttpName(), noiseHeader );
@@ -406,12 +406,12 @@ public class RequestInitializationFilter implements Filter
 
         if ( includeXInstance )
         {
-            resp.setHeader( HttpHeader.XInstance.getHttpName(), String.valueOf( pwmApplication.getInstanceID() ) );
+            resp.setHeader( HttpHeader.XInstance.getHttpName(), String.valueOf( pwmDomain.getInstanceID() ) );
         }
 
         if ( serverHeader != null && !serverHeader.isEmpty() )
         {
-            final String value = MacroRequest.forNonUserSpecific( pwmApplication, null ).expandMacros( serverHeader );
+            final String value = MacroRequest.forNonUserSpecific( pwmDomain, null ).expandMacros( serverHeader );
             resp.setHeader( HttpHeader.Server.getHttpName(), value );
         }
 
@@ -423,7 +423,7 @@ public class RequestInitializationFilter implements Filter
         if ( includeXAmb )
         {
             resp.setHeader( HttpHeader.XAmb.getHttpName(), PwmConstants.X_AMB_HEADER.get(
-                    pwmApplication.getSecureService().pwmRandom().nextInt( PwmConstants.X_AMB_HEADER.size() )
+                    pwmDomain.getSecureService().pwmRandom().nextInt( PwmConstants.X_AMB_HEADER.size() )
             ) );
         }
 
@@ -431,7 +431,7 @@ public class RequestInitializationFilter implements Filter
     }
 
 
-    public static String readUserHostname( final HttpServletRequest request, final Configuration config ) throws PwmUnrecoverableException
+    public static String readUserHostname( final HttpServletRequest request, final DomainConfig config ) throws PwmUnrecoverableException
     {
         if ( config != null && !config.readSettingAsBoolean( PwmSetting.REVERSE_DNS_ENABLE ) )
         {
@@ -460,7 +460,7 @@ public class RequestInitializationFilter implements Filter
      */
     public static String readUserNetworkAddress(
             final HttpServletRequest request,
-            final Configuration config
+            final DomainConfig config
     )
     {
         final List<String> candidateAddresses = new ArrayList<>();
@@ -830,14 +830,14 @@ public class RequestInitializationFilter implements Filter
         return StringUtil.mapToString( values );
     }
 
-    private static String makeNoiseHeader( final PwmApplication pwmApplication, final Configuration configuration )
+    private static String makeNoiseHeader( final PwmDomain pwmDomain, final DomainConfig domainConfig )
     {
-        final boolean sendNoise = Boolean.parseBoolean( configuration.readAppProperty( AppProperty.HTTP_HEADER_SEND_XNOISE ) );
+        final boolean sendNoise = Boolean.parseBoolean( domainConfig.readAppProperty( AppProperty.HTTP_HEADER_SEND_XNOISE ) );
 
         if ( sendNoise )
         {
-            final int noiseLength = Integer.parseInt( configuration.readAppProperty( AppProperty.HTTP_HEADER_NOISE_LENGTH ) );
-            final PwmRandom pwmRandom = pwmApplication.getSecureService().pwmRandom();
+            final int noiseLength = Integer.parseInt( domainConfig.readAppProperty( AppProperty.HTTP_HEADER_NOISE_LENGTH ) );
+            final PwmRandom pwmRandom = pwmDomain.getSecureService().pwmRandom();
             return pwmRandom.alphaNumericString( pwmRandom.nextInt( noiseLength ) + 11 );
         }
 

server/src/main/java/password/pwm/http/filter/SessionFilter.java

@@ -21,13 +21,13 @@
 package password.pwm.http.filter;
 
 import password.pwm.AppProperty;
-import password.pwm.PwmApplication;
+import password.pwm.PwmDomain;
 import password.pwm.PwmApplicationMode;
 import password.pwm.PwmConstants;
 import password.pwm.bean.LocalSessionStateBean;
 import password.pwm.bean.LoginInfoBean;
 import password.pwm.bean.SessionLabel;
-import password.pwm.config.Configuration;
+import password.pwm.config.DomainConfig;
 import password.pwm.config.PwmSetting;
 import password.pwm.config.option.SessionVerificationMode;
 import password.pwm.error.ErrorInformation;
@@ -147,8 +147,8 @@ public class SessionFilter extends AbstractPwmFilter
     )
             throws PwmUnrecoverableException, IOException, ServletException
     {
-        final PwmApplication pwmApplication = pwmRequest.getPwmApplication();
-        final Configuration config = pwmRequest.getConfig();
+        final PwmDomain pwmDomain = pwmRequest.getPwmApplication();
+        final DomainConfig config = pwmRequest.getConfig();
 
         final PwmSession pwmSession = pwmRequest.getPwmSession();
         final LocalSessionStateBean ssBean = pwmSession.getSessionStateBean();
@@ -164,7 +164,7 @@ public class SessionFilter extends AbstractPwmFilter
 
         try
         {
-            pwmApplication.getSessionStateService().readLoginSessionState( pwmRequest );
+            pwmDomain.getSessionStateService().readLoginSessionState( pwmRequest );
         }
         catch ( final PwmUnrecoverableException e )
         {
@@ -224,7 +224,7 @@ public class SessionFilter extends AbstractPwmFilter
             {
                 try
                 {
-                    checkUrlAgainstWhitelist( pwmApplication, pwmRequest.getLabel(), forwardURL );
+                    checkUrlAgainstWhitelist( pwmDomain, pwmRequest.getLabel(), forwardURL );
                 }
                 catch ( final PwmOperationalException e )
                 {
@@ -244,7 +244,7 @@ public class SessionFilter extends AbstractPwmFilter
             {
                 try
                 {
-                    checkUrlAgainstWhitelist( pwmApplication, pwmRequest.getLabel(), logoutURL );
+                    checkUrlAgainstWhitelist( pwmDomain, pwmRequest.getLabel(), logoutURL );
                 }
                 catch ( final PwmOperationalException e )
                 {
@@ -269,9 +269,9 @@ public class SessionFilter extends AbstractPwmFilter
         // update last request time.
         ssBean.setSessionLastAccessedTime( Instant.now() );
 
-        if ( pwmApplication.getStatisticsManager() != null )
+        if ( pwmDomain.getStatisticsManager() != null )
         {
-            pwmApplication.getStatisticsManager().incrementValue( Statistic.HTTP_REQUESTS );
+            pwmDomain.getStatisticsManager().incrementValue( Statistic.HTTP_REQUESTS );
         }
 
         return ProcessStatus.Continue;
@@ -416,7 +416,7 @@ public class SessionFilter extends AbstractPwmFilter
     }
 
 
-    private static boolean checkPageLeaveNotice( final PwmSession pwmSession, final Configuration config )
+    private static boolean checkPageLeaveNotice( final PwmSession pwmSession, final DomainConfig config )
     {
         final long configuredSeconds = config.readSettingAsLong( PwmSetting.SECURITY_PAGE_LEAVE_NOTICE_TIMEOUT );
         if ( configuredSeconds <= 0 )
@@ -444,7 +444,7 @@ public class SessionFilter extends AbstractPwmFilter
     )
             throws PwmUnrecoverableException
     {
-        final Configuration config = pwmRequest.getConfig();
+        final DomainConfig config = pwmRequest.getConfig();
         final String localeParamName = config.readAppProperty( AppProperty.HTTP_PARAM_NAME_LOCALE );
         final String localeCookieName = config.readAppProperty( AppProperty.HTTP_COOKIE_LOCALE_NAME );
         final String requestedLocale = pwmRequest.readParameterAsString( localeParamName );
@@ -472,7 +472,7 @@ public class SessionFilter extends AbstractPwmFilter
     )
             throws PwmUnrecoverableException
     {
-        final Configuration config = pwmRequest.getConfig();
+        final DomainConfig config = pwmRequest.getConfig();
         final String themeParameterName = config.readAppProperty( AppProperty.HTTP_PARAM_NAME_THEME );
         final String themeReqParameter = pwmRequest.readParameterAsString( themeParameterName );
 
@@ -526,7 +526,7 @@ public class SessionFilter extends AbstractPwmFilter
     }
 
     private static void checkUrlAgainstWhitelist(
-            final PwmApplication pwmApplication,
+            final PwmDomain pwmDomain,
             final SessionLabel sessionLabel,
             final String inputURL
     )
@@ -602,7 +602,7 @@ public class SessionFilter extends AbstractPwmFilter
         final String testURI = sb.toString();
         LOGGER.trace( sessionLabel, () -> "preparing to whitelist test parsed and decoded URL: " + testURI );
 
-        final List<String> whiteList = pwmApplication.getConfig().readSettingAsStringArray( PwmSetting.SECURITY_REDIRECT_WHITELIST );
+        final List<String> whiteList = pwmDomain.getConfig().readSettingAsStringArray( PwmSetting.SECURITY_REDIRECT_WHITELIST );
 
         if ( PwmURL.testIfUrlMatchesAllowedPattern( testURI, whiteList, sessionLabel ) )
         {

server/src/main/java/password/pwm/http/servlet/AbstractPwmServlet.java

@@ -21,7 +21,7 @@
 package password.pwm.http.servlet;
 
 import com.novell.ldapchai.exception.ChaiUnavailableException;
-import password.pwm.PwmApplication;
+import password.pwm.PwmDomain;
 import password.pwm.error.ErrorInformation;
 import password.pwm.error.PwmError;
 import password.pwm.error.PwmException;
@@ -221,7 +221,7 @@ public abstract class AbstractPwmServlet extends HttpServlet implements PwmServl
     private boolean processUnrecoverableException(
             final HttpServletRequest req,
             final HttpServletResponse resp,
-            final PwmApplication pwmApplication,
+            final PwmDomain pwmDomain,
             final PwmRequest pwmRequest,
             final PwmUnrecoverableException e
     )
@@ -233,7 +233,7 @@ public abstract class AbstractPwmServlet extends HttpServlet implements PwmServl
                 LOGGER.fatal( pwmRequest.getLabel(), () -> e.getErrorInformation().toDebugStr() );
                 try
                 {
-                    pwmApplication.getStatisticsManager().incrementValue( Statistic.LDAP_UNAVAILABLE_COUNT );
+                    pwmDomain.getStatisticsManager().incrementValue( Statistic.LDAP_UNAVAILABLE_COUNT );
                 }
                 catch ( final Throwable e1 )
                 {
@@ -265,9 +265,9 @@ public abstract class AbstractPwmServlet extends HttpServlet implements PwmServl
                 try
                 {
                     // try to update stats
-                    if ( pwmApplication != null )
+                    if ( pwmDomain != null )
                     {
-                        pwmApplication.getStatisticsManager().incrementValue( Statistic.PWM_UNKNOWN_ERRORS );
+                        pwmDomain.getStatisticsManager().incrementValue( Statistic.PWM_UNKNOWN_ERRORS );
                     }
                 }
                 catch ( final Throwable e1 )

server/src/main/java/password/pwm/http/servlet/ClientApiServlet.java

@@ -24,10 +24,10 @@ import com.novell.ldapchai.exception.ChaiUnavailableException;
 import lombok.Data;
 import password.pwm.AppProperty;
 import password.pwm.Permission;
-import password.pwm.PwmApplication;
+import password.pwm.PwmDomain;
 import password.pwm.PwmApplicationMode;
 import password.pwm.PwmConstants;
-import password.pwm.config.Configuration;
+import password.pwm.config.DomainConfig;
 import password.pwm.config.PwmSetting;
 import password.pwm.config.option.SelectableContextMode;
 import password.pwm.config.profile.ChangePasswordProfile;
@@ -255,7 +255,7 @@ public class ClientApiServlet extends ControlledPwmServlet
     }
 
     public static String makeClientEtag(
-            final PwmApplication pwmApplication,
+            final PwmDomain pwmDomain,
             final PwmSession pwmSession,
             final HttpServletRequest httpServletRequest
     )
@@ -263,9 +263,9 @@ public class ClientApiServlet extends ControlledPwmServlet
     {
         final StringBuilder inputString = new StringBuilder();
         inputString.append( PwmConstants.BUILD_NUMBER );
-        inputString.append( pwmApplication.getStartupTime().toEpochMilli() );
+        inputString.append( pwmDomain.getStartupTime().toEpochMilli() );
         inputString.append( httpServletRequest.getSession().getMaxInactiveInterval() );
-        inputString.append( pwmApplication.getRuntimeNonce() );
+        inputString.append( pwmDomain.getRuntimeNonce() );
 
         if ( pwmSession.getSessionStateBean().getLocale() != null )
         {
@@ -283,7 +283,7 @@ public class ClientApiServlet extends ControlledPwmServlet
     }
 
     private AppData makeAppData(
-            final PwmApplication pwmApplication,
+            final PwmDomain pwmDomain,
             final PwmRequest pwmSession,
             final HttpServletRequest request,
             final HttpServletResponse response,
@@ -292,12 +292,12 @@ public class ClientApiServlet extends ControlledPwmServlet
             throws ChaiUnavailableException, PwmUnrecoverableException
     {
         final AppData appData = new AppData();
-        appData.PWM_GLOBAL = makeClientData( pwmApplication, pwmSession, request, response, pageUrl );
+        appData.PWM_GLOBAL = makeClientData( pwmDomain, pwmSession, request, response, pageUrl );
         return appData;
     }
 
     private static Map<String, Object> makeClientData(
-            final PwmApplication pwmApplication,
+            final PwmDomain pwmDomain,
             final PwmRequest pwmRequest,
             final HttpServletRequest request,
             final HttpServletResponse response,
@@ -308,7 +308,7 @@ public class ClientApiServlet extends ControlledPwmServlet
         final PwmSession pwmSession = pwmRequest.getPwmSession();
         final Locale userLocale = pwmSession.getSessionStateBean().getLocale();
 
-        final Configuration config = pwmApplication.getConfig();
+        final DomainConfig config = pwmDomain.getConfig();
         final TreeMap<String, Object> settingMap = new TreeMap<>();
 
         settingMap.put( "client.ajaxTypingTimeout", Integer.parseInt( config.readAppProperty( AppProperty.CLIENT_AJAX_TYPING_TIMEOUT ) ) );
@@ -319,7 +319,7 @@ public class ClientApiServlet extends ControlledPwmServlet
         settingMap.put( "client.pwShowRevertTimeout", Integer.parseInt( config.readAppProperty( AppProperty.CLIENT_PW_SHOW_REVERT_TIMEOUT ) ) );
         settingMap.put( "enableIdleTimeout", config.readSettingAsBoolean( PwmSetting.DISPLAY_IDLE_TIMEOUT ) );
         settingMap.put( "pageLeaveNotice", config.readSettingAsLong( PwmSetting.SECURITY_PAGE_LEAVE_NOTICE_TIMEOUT ) );
-        settingMap.put( "setting-showHidePasswordFields", pwmApplication.getConfig().readSettingAsBoolean( password.pwm.config.PwmSetting.DISPLAY_SHOW_HIDE_PASSWORD_FIELDS ) );
+        settingMap.put( "setting-showHidePasswordFields", pwmDomain.getConfig().readSettingAsBoolean( password.pwm.config.PwmSetting.DISPLAY_SHOW_HIDE_PASSWORD_FIELDS ) );
         settingMap.put( "setting-displayEula", PwmConstants.ENABLE_EULA_DISPLAY );
         settingMap.put( "setting-showStrengthMeter", config.readSettingAsBoolean( PwmSetting.PASSWORD_SHOW_STRENGTH_METER ) );
 
@@ -350,14 +350,14 @@ public class ClientApiServlet extends ControlledPwmServlet
             settingMap.put( "MaxInactiveInterval", idleSeconds );
         }
         settingMap.put( "paramName.locale", config.readAppProperty( AppProperty.HTTP_PARAM_NAME_LOCALE ) );
-        settingMap.put( "runtimeNonce", pwmApplication.getRuntimeNonce() );
-        settingMap.put( "applicationMode", pwmApplication.getApplicationMode() );
+        settingMap.put( "runtimeNonce", pwmDomain.getRuntimeNonce() );
+        settingMap.put( "applicationMode", pwmDomain.getApplicationMode() );
 
         final String contextPath = request.getContextPath();
         settingMap.put( "url-context", contextPath );
         settingMap.put( "url-logout", contextPath + PwmServletDefinition.Logout.servletUrl() );
         settingMap.put( "url-command", contextPath + PwmServletDefinition.PublicCommand.servletUrl() );
-        settingMap.put( "url-resources", contextPath + "/public/resources" + pwmApplication.getResourceServletService().getResourceNonce() );
+        settingMap.put( "url-resources", contextPath + "/public/resources" + pwmDomain.getResourceServletService().getResourceNonce() );
         settingMap.put( "url-restservice", contextPath + "/public/rest" );
 
         if ( pwmRequest.isAuthenticated() )
@@ -403,12 +403,12 @@ public class ClientApiServlet extends ControlledPwmServlet
             final Map<String, String> localeDisplayNames = new LinkedHashMap<>();
             final Map<String, String> localeFlags = new LinkedHashMap<>();
 
-            final List<Locale> knownLocales = new ArrayList<>( pwmApplication.getConfig().getKnownLocales() );
+            final List<Locale> knownLocales = new ArrayList<>( pwmDomain.getConfig().getKnownLocales() );
             knownLocales.sort( LocaleHelper.localeComparator( PwmConstants.DEFAULT_LOCALE ) );
 
             for ( final Locale locale : knownLocales )
             {
-                final String flagCode = pwmApplication.getConfig().getKnownLocaleFlagMap().get( locale );
+                final String flagCode = pwmDomain.getConfig().getKnownLocaleFlagMap().get( locale );
                 localeFlags.put( locale.toString(), flagCode );
                 localeInfo.put( locale.toString(), locale.getDisplayName( PwmConstants.DEFAULT_LOCALE ) + " - " + locale.getDisplayLanguage( userLocale ) );
                 localeDisplayNames.put( locale.toString(), locale.getDisplayLanguage() );
@@ -420,12 +420,12 @@ public class ClientApiServlet extends ControlledPwmServlet
             settingMap.put( "defaultLocale", PwmConstants.DEFAULT_LOCALE.toString() );
         }
 
-        if ( pwmApplication.getConfig().readSettingAsEnum( PwmSetting.LDAP_SELECTABLE_CONTEXT_MODE, SelectableContextMode.class ) != SelectableContextMode.NONE )
+        if ( pwmDomain.getConfig().readSettingAsEnum( PwmSetting.LDAP_SELECTABLE_CONTEXT_MODE, SelectableContextMode.class ) != SelectableContextMode.NONE )
         {
             final Map<String, Map<String, String>> ldapProfiles = new LinkedHashMap<>();
-            for ( final String ldapProfile : pwmApplication.getConfig().getLdapProfiles().keySet() )
+            for ( final String ldapProfile : pwmDomain.getConfig().getLdapProfiles().keySet() )
             {
-                final Map<String, String> contexts = pwmApplication.getConfig().getLdapProfiles().get( ldapProfile ).getSelectableContexts( pwmApplication );
+                final Map<String, String> contexts = pwmDomain.getConfig().getLdapProfiles().get( ldapProfile ).getSelectableContexts( pwmDomain );
                 ldapProfiles.put( ldapProfile, contexts );
             }
             settingMap.put( "ldapProfiles", ldapProfiles );
@@ -436,7 +436,7 @@ public class ClientApiServlet extends ControlledPwmServlet
 
 
     private Map<String, String> makeDisplayData(
-            final PwmApplication pwmApplication,
+            final PwmDomain pwmDomain,
             final PwmRequest pwmRequest,
             final String bundleName
     )
@@ -446,7 +446,7 @@ public class ClientApiServlet extends ControlledPwmServlet
         displayClass = displayClass == null ? Display.class : displayClass;
 
         final Locale userLocale = pwmSession.getSessionStateBean().getLocale();
-        final Configuration config = pwmApplication.getConfig();
+        final DomainConfig config = pwmDomain.getConfig();
         final TreeMap<String, String> displayStrings = new TreeMap<>();
         final ResourceBundle bundle = ResourceBundle.getBundle( displayClass.getName() );
         try

server/src/main/java/password/pwm/http/servlet/DeleteAccountServlet.java

@@ -23,11 +23,11 @@ package password.pwm.http.servlet;
 import com.novell.ldapchai.ChaiUser;
 import com.novell.ldapchai.exception.ChaiException;
 import com.novell.ldapchai.exception.ChaiUnavailableException;
-import password.pwm.PwmApplication;
+import password.pwm.PwmDomain;
 import password.pwm.PwmConstants;
 import password.pwm.bean.EmailItemBean;
 import password.pwm.bean.UserIdentity;
-import password.pwm.config.Configuration;
+import password.pwm.config.DomainConfig;
 import password.pwm.config.PwmSetting;
 import password.pwm.config.profile.DeleteAccountProfile;
 import password.pwm.config.profile.ProfileDefinition;
@@ -108,10 +108,10 @@ public class DeleteAccountServlet extends ControlledPwmServlet
     @Override
     public ProcessStatus preProcessCheck( final PwmRequest pwmRequest ) throws PwmUnrecoverableException, IOException, ServletException
     {
-        final PwmApplication pwmApplication = pwmRequest.getPwmApplication();
+        final PwmDomain pwmDomain = pwmRequest.getPwmApplication();
         final DeleteAccountProfile deleteAccountProfile = getProfile( pwmRequest );
 
-        if ( !pwmApplication.getConfig().readSettingAsBoolean( PwmSetting.DELETE_ACCOUNT_ENABLE ) )
+        if ( !pwmDomain.getConfig().readSettingAsBoolean( PwmSetting.DELETE_ACCOUNT_ENABLE ) )
         {
             throw new PwmUnrecoverableException( new ErrorInformation(
                     PwmError.ERROR_SERVICE_NOT_AVAILABLE,
@@ -196,7 +196,7 @@ public class DeleteAccountServlet extends ControlledPwmServlet
     )
             throws ServletException, IOException, PwmUnrecoverableException, ChaiUnavailableException
     {
-        final PwmApplication pwmApplication = pwmRequest.getPwmApplication();
+        final PwmDomain pwmDomain = pwmRequest.getPwmApplication();
         final DeleteAccountProfile deleteAccountProfile = getProfile( pwmRequest );
         final UserIdentity userIdentity = pwmRequest.getUserInfoIfLoggedIn();
 
@@ -209,7 +209,7 @@ public class DeleteAccountServlet extends ControlledPwmServlet
                 LOGGER.debug( pwmRequest, () -> "executing configured actions to user " + userIdentity );
 
 
-                final ActionExecutor actionExecutor = new ActionExecutor.ActionExecutorSettings( pwmApplication, userIdentity )
+                final ActionExecutor actionExecutor = new ActionExecutor.ActionExecutorSettings( pwmDomain, userIdentity )
                         .setExpandPwmMacros( true )
                         .setMacroMachine( pwmRequest.getPwmSession().getSessionManager().getMacroMachine( ) )
                         .createActionExecutor();
@@ -230,7 +230,7 @@ public class DeleteAccountServlet extends ControlledPwmServlet
         sendProfileUpdateEmailNotice( pwmRequest );
 
         // mark the event log
-        pwmApplication.getAuditManager().submit( AuditEvent.DELETE_ACCOUNT, pwmRequest.getPwmSession().getUserInfo(), pwmRequest.getPwmSession() );
+        pwmDomain.getAuditManager().submit( AuditEvent.DELETE_ACCOUNT, pwmRequest.getPwmSession().getUserInfo(), pwmRequest.getPwmSession() );
 
         final String nextUrl = deleteAccountProfile.readSettingAsString( PwmSetting.DELETE_ACCOUNT_NEXT_URL );
         if ( nextUrl != null && !nextUrl.isEmpty() )
@@ -244,7 +244,7 @@ public class DeleteAccountServlet extends ControlledPwmServlet
         // perform ldap entry delete.
         if ( deleteAccountProfile.readSettingAsBoolean( PwmSetting.DELETE_ACCOUNT_DELETE_USER_ENTRY ) )
         {
-            final ChaiUser chaiUser = pwmApplication.getProxiedChaiUser( pwmRequest.getUserInfoIfLoggedIn() );
+            final ChaiUser chaiUser = pwmDomain.getProxiedChaiUser( pwmRequest.getUserInfoIfLoggedIn() );
             try
             {
                 chaiUser.getChaiProvider().deleteEntry( chaiUser.getEntryDN() );
@@ -258,7 +258,7 @@ public class DeleteAccountServlet extends ControlledPwmServlet
         }
 
         // clear the delete bean
-        pwmApplication.getSessionStateService().clearBean( pwmRequest, DeleteAccountBean.class );
+        pwmDomain.getSessionStateService().clearBean( pwmRequest, DeleteAccountBean.class );
 
         // delete finished, so logout and redirect.
         pwmRequest.getPwmSession().unauthenticateUser( pwmRequest );
@@ -271,7 +271,7 @@ public class DeleteAccountServlet extends ControlledPwmServlet
     )
             throws PwmUnrecoverableException, ChaiUnavailableException
     {
-        final Configuration config = pwmRequest.getConfig();
+        final DomainConfig config = pwmRequest.getConfig();
         final Locale locale = pwmRequest.getLocale();
         final EmailItemBean configuredEmailSetting = config.readSettingAsEmail( PwmSetting.EMAIL_DELETEACCOUNT, locale );
 

server/src/main/java/password/pwm/http/servlet/ForgottenUsernameServlet.java

@@ -20,13 +20,13 @@
 
 package password.pwm.http.servlet;
 
-import password.pwm.PwmApplication;
+import password.pwm.PwmDomain;
 import password.pwm.PwmConstants;
 import password.pwm.bean.EmailItemBean;
 import password.pwm.bean.LocalSessionStateBean;
 import password.pwm.bean.SessionLabel;
 import password.pwm.bean.UserIdentity;
-import password.pwm.config.Configuration;
+import password.pwm.config.DomainConfig;
 import password.pwm.config.PwmSetting;
 import password.pwm.config.option.MessageSendMethod;
 import password.pwm.config.value.data.FormConfiguration;
@@ -101,7 +101,7 @@ public class ForgottenUsernameServlet extends AbstractPwmServlet
     protected void processAction( final PwmRequest pwmRequest )
             throws ServletException, IOException, PwmUnrecoverableException
     {
-        final Configuration config = pwmRequest.getConfig();
+        final DomainConfig config = pwmRequest.getConfig();
 
         if ( !config.readSettingAsBoolean( PwmSetting.FORGOTTEN_USERNAME_ENABLE ) )
         {
@@ -133,7 +133,7 @@ public class ForgottenUsernameServlet extends AbstractPwmServlet
     )
             throws PwmUnrecoverableException, IOException, ServletException
     {
-        final PwmApplication pwmApplication = pwmRequest.getPwmApplication();
+        final PwmDomain pwmDomain = pwmRequest.getPwmApplication();
         final PwmSession pwmSession = pwmRequest.getPwmSession();
         final LocalSessionStateBean ssBean = pwmSession.getSessionStateBean();
 
@@ -152,7 +152,7 @@ public class ForgottenUsernameServlet extends AbstractPwmServlet
         final String contextParam = pwmRequest.readParameterAsString( PwmConstants.PARAM_CONTEXT );
         final String ldapProfile = pwmRequest.readParameterAsString( PwmConstants.PARAM_LDAP_PROFILE );
 
-        final List<FormConfiguration> forgottenUsernameForm = pwmApplication.getConfig().readSettingAsForm( PwmSetting.FORGOTTEN_USERNAME_FORM );
+        final List<FormConfiguration> forgottenUsernameForm = pwmDomain.getConfig().readSettingAsForm( PwmSetting.FORGOTTEN_USERNAME_FORM );
 
         //read the values from the request
         Map<FormConfiguration, String> formValues = new HashMap<>();
@@ -162,17 +162,17 @@ public class ForgottenUsernameServlet extends AbstractPwmServlet
                     forgottenUsernameForm, ssBean.getLocale() );
 
             // check for intruder search
-            pwmApplication.getIntruderManager().convenience().checkAttributes( formValues );
+            pwmDomain.getIntruderManager().convenience().checkAttributes( formValues );
 
             // see if the values meet the configured form requirements.
             FormUtility.validateFormValues( pwmRequest.getConfig(), formValues, ssBean.getLocale() );
 
             final String searchFilter;
             {
-                final String configuredSearchFilter = pwmApplication.getConfig().readSettingAsString( PwmSetting.FORGOTTEN_USERNAME_SEARCH_FILTER );
+                final String configuredSearchFilter = pwmDomain.getConfig().readSettingAsString( PwmSetting.FORGOTTEN_USERNAME_SEARCH_FILTER );
                 if ( configuredSearchFilter == null || configuredSearchFilter.isEmpty() )
                 {
-                    searchFilter = FormUtility.ldapSearchFilterForForm( pwmApplication, forgottenUsernameForm );
+                    searchFilter = FormUtility.ldapSearchFilterForForm( pwmDomain, forgottenUsernameForm );
                     LOGGER.trace( pwmRequest, () -> "auto generated ldap search filter: " + searchFilter );
                 }
                 else
@@ -183,7 +183,7 @@ public class ForgottenUsernameServlet extends AbstractPwmServlet
 
             final UserIdentity userIdentity;
             {
-                final UserSearchEngine userSearchEngine = pwmApplication.getUserSearchEngine();
+                final UserSearchEngine userSearchEngine = pwmDomain.getUserSearchEngine();
                 final SearchConfiguration searchConfiguration = SearchConfiguration.builder()
                         .filter( searchFilter )
                         .formValues( formValues )
@@ -195,29 +195,29 @@ public class ForgottenUsernameServlet extends AbstractPwmServlet
 
             if ( userIdentity == null )
             {
-                pwmApplication.getIntruderManager().convenience().markAddressAndSession( pwmRequest );
-                pwmApplication.getStatisticsManager().incrementValue( Statistic.FORGOTTEN_USERNAME_FAILURES );
+                pwmDomain.getIntruderManager().convenience().markAddressAndSession( pwmRequest );
+                pwmDomain.getStatisticsManager().incrementValue( Statistic.FORGOTTEN_USERNAME_FAILURES );
                 setLastError( pwmRequest, PwmError.ERROR_CANT_MATCH_USER.toInfo() );
                 forwardToFormJsp( pwmRequest );
                 return;
             }
 
             // make sure the user isn't locked.
-            pwmApplication.getIntruderManager().convenience().checkUserIdentity( userIdentity );
+            pwmDomain.getIntruderManager().convenience().checkUserIdentity( userIdentity );
 
             final UserInfo forgottenUserInfo = UserInfoFactory.newUserInfoUsingProxy(
-                    pwmApplication,
+                    pwmDomain,
                     pwmRequest.getLabel(),
                     userIdentity, pwmRequest.getLocale()
             );
 
             // send username
-            sendUsername( pwmApplication, pwmRequest, forgottenUserInfo );
+            sendUsername( pwmDomain, pwmRequest, forgottenUserInfo );
 
-            pwmApplication.getIntruderManager().convenience().clearAddressAndSession( pwmSession );
-            pwmApplication.getIntruderManager().convenience().clearAttributes( formValues );
+            pwmDomain.getIntruderManager().convenience().clearAddressAndSession( pwmSession );
+            pwmDomain.getIntruderManager().convenience().clearAttributes( formValues );
 
-            pwmApplication.getStatisticsManager().incrementValue( Statistic.FORGOTTEN_USERNAME_SUCCESSES );
+            pwmDomain.getStatisticsManager().incrementValue( Statistic.FORGOTTEN_USERNAME_SUCCESSES );
 
             // redirect user to success page.
             forwardToCompletePage( pwmRequest, userIdentity );
@@ -232,27 +232,27 @@ public class ForgottenUsernameServlet extends AbstractPwmServlet
                     e.getErrorInformation().getFieldValues() )
                     : e.getErrorInformation();
             setLastError( pwmRequest, errorInfo );
-            pwmApplication.getIntruderManager().convenience().markAddressAndSession( pwmRequest );
-            pwmApplication.getIntruderManager().convenience().markAttributes( formValues, pwmRequest.getLabel() );
+            pwmDomain.getIntruderManager().convenience().markAddressAndSession( pwmRequest );
+            pwmDomain.getIntruderManager().convenience().markAttributes( formValues, pwmRequest.getLabel() );
         }
 
-        pwmApplication.getStatisticsManager().incrementValue( Statistic.FORGOTTEN_USERNAME_FAILURES );
+        pwmDomain.getStatisticsManager().incrementValue( Statistic.FORGOTTEN_USERNAME_FAILURES );
         forwardToFormJsp( pwmRequest );
     }
 
 
     private void sendUsername(
-            final PwmApplication pwmApplication,
+            final PwmDomain pwmDomain,
             final PwmRequest pwmRequest,
             final UserInfo forgottenUserInfo
     )
             throws PwmOperationalException, PwmUnrecoverableException
     {
         final Locale userLocale = pwmRequest.getLocale();
-        final Configuration configuration = pwmApplication.getConfig();
-        final MessageSendMethod messageSendMethod = configuration.readSettingAsEnum( PwmSetting.FORGOTTEN_USERNAME_SEND_USERNAME_METHOD, MessageSendMethod.class );
-        final EmailItemBean emailItemBean = configuration.readSettingAsEmail( PwmSetting.EMAIL_SEND_USERNAME, userLocale );
-        final String smsMessage = configuration.readSettingAsLocalizedString( PwmSetting.SMS_FORGOTTEN_USERNAME_TEXT, userLocale );
+        final DomainConfig domainConfig = pwmDomain.getConfig();
+        final MessageSendMethod messageSendMethod = domainConfig.readSettingAsEnum( PwmSetting.FORGOTTEN_USERNAME_SEND_USERNAME_METHOD, MessageSendMethod.class );
+        final EmailItemBean emailItemBean = domainConfig.readSettingAsEmail( PwmSetting.EMAIL_SEND_USERNAME, userLocale );
+        final String smsMessage = domainConfig.readSettingAsLocalizedString( PwmSetting.SMS_FORGOTTEN_USERNAME_TEXT, userLocale );
 
         if ( messageSendMethod == null || messageSendMethod == MessageSendMethod.NONE )
         {
@@ -260,7 +260,7 @@ public class ForgottenUsernameServlet extends AbstractPwmServlet
         }
 
         sendMessageViaMethod(
-                pwmApplication,
+                pwmDomain,
                 pwmRequest.getLabel(),
                 forgottenUserInfo,
                 messageSendMethod,
@@ -271,7 +271,7 @@ public class ForgottenUsernameServlet extends AbstractPwmServlet
 
 
     private static void sendMessageViaMethod(
-            final PwmApplication pwmApplication,
+            final PwmDomain pwmDomain,
             final SessionLabel sessionLabel,
             final UserInfo userInfo,
             final MessageSendMethod messageSendMethod,
@@ -280,7 +280,7 @@ public class ForgottenUsernameServlet extends AbstractPwmServlet
     )
             throws PwmOperationalException, PwmUnrecoverableException
     {
-        if ( pwmApplication == null )
+        if ( pwmDomain == null )
         {
             throw new IllegalArgumentException( "pwmApplication can not be null" );
         }
@@ -298,12 +298,12 @@ public class ForgottenUsernameServlet extends AbstractPwmServlet
 
             case SMSONLY:
                 // Only try SMS
-                error = sendSmsViaMethod( pwmApplication, sessionLabel, userInfo, smsMessage );
+                error = sendSmsViaMethod( pwmDomain, sessionLabel, userInfo, smsMessage );
                 break;
             case EMAILONLY:
             default:
                 // Only try email
-                error = sendEmailViaMethod( pwmApplication, sessionLabel, userInfo, emailItemBean );
+                error = sendEmailViaMethod( pwmDomain, sessionLabel, userInfo, emailItemBean );
                 break;
         }
         if ( error != null )
@@ -313,7 +313,7 @@ public class ForgottenUsernameServlet extends AbstractPwmServlet
     }
 
     private static ErrorInformation sendSmsViaMethod(
-            final PwmApplication pwmApplication,
+            final PwmDomain pwmDomain,
             final SessionLabel sessionLabel,
             final UserInfo userInfo,
             final String smsMessage
@@ -327,14 +327,14 @@ public class ForgottenUsernameServlet extends AbstractPwmServlet
             return new ErrorInformation( PwmError.ERROR_INTERNAL, errorMsg );
         }
 
-        final MacroRequest macroRequest = MacroRequest.forUser( pwmApplication, sessionLabel, userInfo, null );
+        final MacroRequest macroRequest = MacroRequest.forUser( pwmDomain, sessionLabel, userInfo, null );
 
-        pwmApplication.sendSmsUsingQueue( toNumber, smsMessage, sessionLabel, macroRequest );
+        pwmDomain.sendSmsUsingQueue( toNumber, smsMessage, sessionLabel, macroRequest );
         return null;
     }
 
     private static ErrorInformation sendEmailViaMethod(
-            final PwmApplication pwmApplication,
+            final PwmDomain pwmDomain,
             final SessionLabel sessionLabel,
             final UserInfo userInfo,
             final EmailItemBean emailItemBean
@@ -347,9 +347,9 @@ public class ForgottenUsernameServlet extends AbstractPwmServlet
             return new ErrorInformation( PwmError.ERROR_INTERNAL, errorMsg );
         }
 
-        final MacroRequest macroRequest = MacroRequest.forUser( pwmApplication, sessionLabel, userInfo, null );
+        final MacroRequest macroRequest = MacroRequest.forUser( pwmDomain, sessionLabel, userInfo, null );
 
-        pwmApplication.getEmailQueue().submitEmail( emailItemBean, userInfo, macroRequest );
+        pwmDomain.getEmailQueue().submitEmail( emailItemBean, userInfo, macroRequest );
 
         return null;
     }

server/src/main/java/password/pwm/http/servlet/GuestRegistrationServlet.java

@@ -25,12 +25,12 @@ import com.novell.ldapchai.exception.ChaiOperationException;
 import com.novell.ldapchai.exception.ChaiUnavailableException;
 import com.novell.ldapchai.provider.ChaiProvider;
 import password.pwm.Permission;
-import password.pwm.PwmApplication;
+import password.pwm.PwmDomain;
 import password.pwm.PwmConstants;
 import password.pwm.bean.EmailItemBean;
 import password.pwm.bean.LocalSessionStateBean;
 import password.pwm.bean.UserIdentity;
-import password.pwm.config.Configuration;
+import password.pwm.config.DomainConfig;
 import password.pwm.config.PwmSetting;
 import password.pwm.config.profile.PwmPasswordPolicy;
 import password.pwm.config.value.data.ActionConfiguration;
@@ -139,10 +139,10 @@ public class GuestRegistrationServlet extends AbstractPwmServlet
     {
         //Fetch the session state bean.
         final PwmSession pwmSession = pwmRequest.getPwmSession();
-        final PwmApplication pwmApplication = pwmRequest.getPwmApplication();
-        final GuestRegistrationBean guestRegistrationBean = pwmApplication.getSessionStateService().getBean( pwmRequest, GuestRegistrationBean.class );
+        final PwmDomain pwmDomain = pwmRequest.getPwmApplication();
+        final GuestRegistrationBean guestRegistrationBean = pwmDomain.getSessionStateService().getBean( pwmRequest, GuestRegistrationBean.class );
 
-        final Configuration config = pwmApplication.getConfig();
+        final DomainConfig config = pwmDomain.getConfig();
 
         if ( !config.readSettingAsBoolean( PwmSetting.GUEST_ENABLE ) )
         {
@@ -150,7 +150,7 @@ public class GuestRegistrationServlet extends AbstractPwmServlet
             return;
         }
 
-        if ( !pwmSession.getSessionManager().checkPermission( pwmApplication, Permission.GUEST_REGISTRATION ) )
+        if ( !pwmSession.getSessionManager().checkPermission( pwmDomain, Permission.GUEST_REGISTRATION ) )
         {
             pwmRequest.respondWithError( PwmError.ERROR_UNAUTHORIZED.toInfo() );
             return;
@@ -217,10 +217,10 @@ public class GuestRegistrationServlet extends AbstractPwmServlet
         //Fetch the session state bean.
         final PwmSession pwmSession = pwmRequest.getPwmSession();
         final LocalSessionStateBean ssBean = pwmSession.getSessionStateBean();
-        final PwmApplication pwmApplication = pwmRequest.getPwmApplication();
-        final Configuration config = pwmApplication.getConfig();
+        final PwmDomain pwmDomain = pwmRequest.getPwmApplication();
+        final DomainConfig config = pwmDomain.getConfig();
 
-        final List<FormConfiguration> formItems = pwmApplication.getConfig().readSettingAsForm( PwmSetting.GUEST_UPDATE_FORM );
+        final List<FormConfiguration> formItems = pwmDomain.getConfig().readSettingAsForm( PwmSetting.GUEST_UPDATE_FORM );
         final String expirationAttribute = config.readSettingAsString( PwmSetting.GUEST_EXPIRATION_ATTRIBUTE );
 
         try
@@ -237,7 +237,7 @@ public class GuestRegistrationServlet extends AbstractPwmServlet
 
             // check unique fields against ldap
             FormUtility.validateFormValueUniqueness(
-                    pwmApplication,
+                    pwmDomain,
                     formValues,
                     ssBean.getLocale(),
                     Collections.singletonList( guestRegistrationBean.getUpdateUserIdentity() )
@@ -256,7 +256,7 @@ public class GuestRegistrationServlet extends AbstractPwmServlet
 
             // send email.
             final UserInfo guestUserInfoBean = UserInfoFactory.newUserInfo(
-                    pwmApplication,
+                    pwmDomain,
                     pwmRequest.getLabel(),
                     pwmRequest.getLocale(),
                     guestRegistrationBean.getUpdateUserIdentity(),
@@ -264,7 +264,7 @@ public class GuestRegistrationServlet extends AbstractPwmServlet
             );
             this.sendUpdateGuestEmailConfirmation( pwmRequest, guestUserInfoBean );
 
-            pwmApplication.getStatisticsManager().incrementValue( Statistic.UPDATED_GUESTS );
+            pwmDomain.getStatisticsManager().incrementValue( Statistic.UPDATED_GUESTS );
 
             //everything good so forward to confirmation page.
             pwmRequest.getPwmResponse().forwardToSuccessPage( Message.Success_UpdateGuest );
@@ -290,7 +290,7 @@ public class GuestRegistrationServlet extends AbstractPwmServlet
     )
             throws PwmUnrecoverableException
     {
-        final Configuration config = pwmRequest.getConfig();
+        final DomainConfig config = pwmRequest.getConfig();
         final Locale locale = pwmRequest.getLocale();
         final EmailItemBean configuredEmailSetting = config.readSettingAsEmail( PwmSetting.EMAIL_UPDATEGUEST, locale );
 
@@ -311,15 +311,15 @@ public class GuestRegistrationServlet extends AbstractPwmServlet
     {
         LOGGER.trace( pwmRequest, () -> "Enter: handleSearchRequest(...)" );
         final PwmSession pwmSession = pwmRequest.getPwmSession();
-        final PwmApplication pwmApplication = pwmRequest.getPwmApplication();
+        final PwmDomain pwmDomain = pwmRequest.getPwmApplication();
         final ChaiProvider chaiProvider = pwmSession.getSessionManager().getChaiProvider();
-        final Configuration config = pwmApplication.getConfig();
+        final DomainConfig config = pwmDomain.getConfig();
 
         final String adminDnAttribute = config.readSettingAsString( PwmSetting.GUEST_ADMIN_ATTRIBUTE );
         final Boolean origAdminOnly = config.readSettingAsBoolean( PwmSetting.GUEST_EDIT_ORIG_ADMIN_ONLY );
 
         final String usernameParam = pwmRequest.readParameterAsString( "username" );
-        final GuestRegistrationBean guBean = pwmApplication.getSessionStateService().getBean( pwmRequest, GuestRegistrationBean.class );
+        final GuestRegistrationBean guBean = pwmDomain.getSessionStateService().getBean( pwmRequest, GuestRegistrationBean.class );
 
         final SearchConfiguration searchConfiguration = SearchConfiguration.builder()
                 .chaiProvider( chaiProvider )
@@ -328,7 +328,7 @@ public class GuestRegistrationServlet extends AbstractPwmServlet
                 .username( usernameParam )
                 .build();
 
-        final UserSearchEngine userSearchEngine = pwmApplication.getUserSearchEngine();
+        final UserSearchEngine userSearchEngine = pwmDomain.getUserSearchEngine();
 
         try
         {
@@ -346,7 +346,7 @@ public class GuestRegistrationServlet extends AbstractPwmServlet
                     }
                 }
                 final UserInfo guestUserInfo = UserInfoFactory.newUserInfo(
-                        pwmApplication,
+                        pwmDomain,
                         pwmRequest.getLabel(),
                         pwmRequest.getLocale(),
                         theGuest,
@@ -415,9 +415,9 @@ public class GuestRegistrationServlet extends AbstractPwmServlet
             throws PwmUnrecoverableException, ChaiUnavailableException, IOException, ServletException
     {
         final PwmSession pwmSession = pwmRequest.getPwmSession();
-        final PwmApplication pwmApplication = pwmRequest.getPwmApplication();
+        final PwmDomain pwmDomain = pwmRequest.getPwmApplication();
         final LocalSessionStateBean ssBean = pwmSession.getSessionStateBean();
-        final Configuration config = pwmApplication.getConfig();
+        final DomainConfig config = pwmDomain.getConfig();
         final Locale locale = ssBean.getLocale();
 
         final List<FormConfiguration> guestUserForm = config.readSettingAsForm( PwmSetting.GUEST_FORM );
@@ -475,27 +475,27 @@ public class GuestRegistrationServlet extends AbstractPwmServlet
             }
 
             final PwmPasswordPolicy passwordPolicy = PasswordUtility.readPasswordPolicyForUser(
-                    pwmApplication,
+                    pwmDomain,
                     pwmRequest.getLabel(),
                     userIdentity,
                     theUser,
                     locale
             );
 
-            final PasswordData newPassword = RandomPasswordGenerator.createRandomPassword( pwmRequest.getLabel(), passwordPolicy, pwmApplication );
+            final PasswordData newPassword = RandomPasswordGenerator.createRandomPassword( pwmRequest.getLabel(), passwordPolicy, pwmDomain );
             theUser.setPassword( newPassword.getStringValue() );
 
 
             {
                 // execute configured actions
                 LOGGER.debug( pwmRequest, () -> "executing configured actions to user " + theUser.getEntryDN() );
-                final List<ActionConfiguration> actions = pwmApplication.getConfig().readSettingAsAction( PwmSetting.GUEST_WRITE_ATTRIBUTES );
+                final List<ActionConfiguration> actions = pwmDomain.getConfig().readSettingAsAction( PwmSetting.GUEST_WRITE_ATTRIBUTES );
                 if ( actions != null && !actions.isEmpty() )
                 {
                     final MacroRequest macroRequest = MacroRequest.forUser( pwmRequest, userIdentity );
 
 
-                    final ActionExecutor actionExecutor = new ActionExecutor.ActionExecutorSettings( pwmApplication, theUser )
+                    final ActionExecutor actionExecutor = new ActionExecutor.ActionExecutorSettings( pwmDomain, theUser )
                             .setExpandPwmMacros( true )
                             .setMacroMachine( macroRequest )
                             .createActionExecutor();
@@ -507,7 +507,7 @@ public class GuestRegistrationServlet extends AbstractPwmServlet
             //everything good so forward to success page.
             this.sendGuestUserEmailConfirmation( pwmRequest, userIdentity );
 
-            pwmApplication.getStatisticsManager().incrementValue( Statistic.NEW_USERS );
+            pwmDomain.getStatisticsManager().incrementValue( Statistic.NEW_USERS );
 
             pwmRequest.getPwmResponse().forwardToSuccessPage( Message.Success_CreateGuest );
         }
@@ -531,8 +531,8 @@ public class GuestRegistrationServlet extends AbstractPwmServlet
     )
             throws PwmOperationalException, ChaiUnavailableException, ChaiOperationException, PwmUnrecoverableException
     {
-        final PwmApplication pwmApplication = pwmRequest.getPwmApplication();
-        final Configuration config = pwmApplication.getConfig();
+        final PwmDomain pwmDomain = pwmRequest.getPwmApplication();
+        final DomainConfig config = pwmDomain.getConfig();
         final long durationValueDays = config.readSettingAsLong( PwmSetting.GUEST_MAX_VALID_DAYS );
         final String expirationAttribute = config.readSettingAsString( PwmSetting.GUEST_EXPIRATION_ATTRIBUTE );
 
@@ -578,7 +578,7 @@ public class GuestRegistrationServlet extends AbstractPwmServlet
         return expirationDate;
     }
 
-    private static String determineUserDN( final Map<FormConfiguration, String> formValues, final Configuration config )
+    private static String determineUserDN( final Map<FormConfiguration, String> formValues, final DomainConfig config )
             throws PwmUnrecoverableException
     {
         final String namingAttribute = config.getDefaultLdapProfile().readSettingAsString(
@@ -604,8 +604,8 @@ public class GuestRegistrationServlet extends AbstractPwmServlet
             throws PwmUnrecoverableException
     {
         final PwmSession pwmSession = pwmRequest.getPwmSession();
-        final PwmApplication pwmApplication = pwmRequest.getPwmApplication();
-        final Configuration config = pwmApplication.getConfig();
+        final PwmDomain pwmDomain = pwmRequest.getPwmApplication();
+        final DomainConfig config = pwmDomain.getConfig();
         final Locale locale = pwmSession.getSessionStateBean().getLocale();
         final EmailItemBean configuredEmailSetting = config.readSettingAsEmail( PwmSetting.EMAIL_GUEST, locale );
 
@@ -617,7 +617,7 @@ public class GuestRegistrationServlet extends AbstractPwmServlet
 
         final MacroRequest macroRequest = MacroRequest.forUser( pwmRequest, userIdentity );
 
-        pwmApplication.getEmailQueue().submitEmail( configuredEmailSetting, null, macroRequest );
+        pwmDomain.getEmailQueue().submitEmail( configuredEmailSetting, null, macroRequest );
     }
 
     private void forwardToJSP(
@@ -658,11 +658,11 @@ public class GuestRegistrationServlet extends AbstractPwmServlet
         pwmRequest.forwardToJsp( JspUrl.GUEST_UPDATE );
     }
 
-    private static void checkConfiguration( final Configuration configuration )
+    private static void checkConfiguration( final DomainConfig domainConfig )
             throws PwmUnrecoverableException
     {
-        final String namingAttribute = configuration.getDefaultLdapProfile().readSettingAsString( PwmSetting.LDAP_NAMING_ATTRIBUTE );
-        final List<FormConfiguration> formItems = configuration.readSettingAsForm( PwmSetting.GUEST_FORM );
+        final String namingAttribute = domainConfig.getDefaultLdapProfile().readSettingAsString( PwmSetting.LDAP_NAMING_ATTRIBUTE );
+        final List<FormConfiguration> formItems = domainConfig.readSettingAsForm( PwmSetting.GUEST_FORM );
 
         {
             boolean namingIsInForm = false;

server/src/main/java/password/pwm/http/servlet/LogoutServlet.java

@@ -21,7 +21,7 @@
 package password.pwm.http.servlet;
 
 import password.pwm.AppProperty;
-import password.pwm.PwmApplication;
+import password.pwm.PwmDomain;
 import password.pwm.PwmConstants;
 import password.pwm.config.PwmSetting;
 import password.pwm.error.PwmUnrecoverableException;
@@ -132,7 +132,7 @@ public class LogoutServlet extends ControlledPwmServlet
                 + ( logoutDueToIdle ? " due to client idle timeout" : "" ) );
 
         final PwmSession pwmSession = pwmRequest.getPwmSession();
-        final PwmApplication pwmApplication = pwmRequest.getPwmApplication();
+        final PwmDomain pwmDomain = pwmRequest.getPwmApplication();
 
         pwmSession.unauthenticateUser( pwmRequest );
 
@@ -150,7 +150,7 @@ public class LogoutServlet extends ControlledPwmServlet
 
         {
             // if the logout url hasn't been set then try seeing if one has been configured.
-            final String configuredLogoutURL = pwmApplication.getConfig().readSettingAsString( PwmSetting.URL_LOGOUT );
+            final String configuredLogoutURL = pwmDomain.getConfig().readSettingAsString( PwmSetting.URL_LOGOUT );
             if ( configuredLogoutURL != null && configuredLogoutURL.length() > 0 )
             {
 
@@ -165,7 +165,7 @@ public class LogoutServlet extends ControlledPwmServlet
                     if ( sessionForwardURL != null && sessionForwardURL.length() > 0 )
                     {
                         logoutUrlParameters.put(
-                                pwmApplication.getConfig().readAppProperty( AppProperty.HTTP_PARAM_NAME_FORWARD_URL ),
+                                pwmDomain.getConfig().readAppProperty( AppProperty.HTTP_PARAM_NAME_FORWARD_URL ),
                                 sessionForwardURL
                         );
                     }

server/src/main/java/password/pwm/http/servlet/SetupOtpServlet.java

@@ -24,11 +24,11 @@ import com.novell.ldapchai.exception.ChaiUnavailableException;
 import net.glxn.qrgen.QRCode;
 import password.pwm.AppProperty;
 import password.pwm.Permission;
-import password.pwm.PwmApplication;
+import password.pwm.PwmDomain;
 import password.pwm.PwmConstants;
 import password.pwm.bean.LoginInfoBean;
 import password.pwm.bean.UserIdentity;
-import password.pwm.config.Configuration;
+import password.pwm.config.DomainConfig;
 import password.pwm.config.PwmSetting;
 import password.pwm.config.option.ForceSetupPolicy;
 import password.pwm.config.profile.SetupOtpProfile;
@@ -127,9 +127,9 @@ public class SetupOtpServlet extends ControlledPwmServlet
             throws PwmUnrecoverableException, IOException, ServletException
     {
         // fetch the required beans / managers
-        final PwmApplication pwmApplication = pwmRequest.getPwmApplication();
+        final PwmDomain pwmDomain = pwmRequest.getPwmApplication();
         final PwmSession pwmSession = pwmRequest.getPwmSession();
-        final Configuration config = pwmApplication.getConfig();
+        final DomainConfig config = pwmDomain.getConfig();
 
         final SetupOtpProfile setupOtpProfile = getSetupOtpProfile( pwmRequest );
         if ( setupOtpProfile == null || !setupOtpProfile.readSettingAsBoolean( PwmSetting.OTP_ALLOW_SETUP ) )
@@ -171,12 +171,12 @@ public class SetupOtpServlet extends ControlledPwmServlet
             return;
         }
 
-        final PwmApplication pwmApplication = pwmRequest.getPwmApplication();
+        final PwmDomain pwmDomain = pwmRequest.getPwmApplication();
         final PwmSession pwmSession = pwmRequest.getPwmSession();
 
         if ( otpBean.isConfirmed() )
         {
-            final OtpService otpService = pwmApplication.getOtpService();
+            final OtpService otpService = pwmDomain.getOtpService();
             final UserIdentity theUser = pwmSession.getUserInfo().getUserIdentity();
             try
             {
@@ -196,12 +196,12 @@ public class SetupOtpServlet extends ControlledPwmServlet
                         pwmSession.getUserInfo(),
                         pwmSession
                 );
-                pwmApplication.getAuditManager().submit( pwmRequest.getLabel(), auditRecord );
+                pwmDomain.getAuditManager().submit( pwmRequest.getLabel(), auditRecord );
 
 
-                if ( pwmApplication.getStatisticsManager() != null && pwmApplication.getStatisticsManager().status() == PwmService.STATUS.OPEN )
+                if ( pwmDomain.getStatisticsManager() != null && pwmDomain.getStatisticsManager().status() == PwmService.STATUS.OPEN )
                 {
-                    pwmApplication.getStatisticsManager().incrementValue( Statistic.SETUP_OTP_SECRET );
+                    pwmDomain.getStatisticsManager().incrementValue( Statistic.SETUP_OTP_SECRET );
                 }
             }
             catch ( final Exception e )
@@ -281,15 +281,15 @@ public class SetupOtpServlet extends ControlledPwmServlet
     )
             throws PwmUnrecoverableException, IOException, ServletException, ChaiUnavailableException
     {
-        final PwmApplication pwmApplication = pwmRequest.getPwmApplication();
+        final PwmDomain pwmDomain = pwmRequest.getPwmApplication();
         final PwmSession pwmSession = pwmRequest.getPwmSession();
 
         final OTPUserRecord otpUserRecord = pwmSession.getUserInfo().getOtpUserRecord();
-        final OtpService otpService = pwmApplication.getOtpService();
+        final OtpService otpService = pwmDomain.getOtpService();
 
         final String bodyString = pwmRequest.readRequestBodyAsString();
         final Map<String, String> clientValues = JsonUtil.deserializeStringMap( bodyString );
-        final String code = Validator.sanitizeInputValue( pwmApplication.getConfig(), clientValues.get( "code" ), 1024 );
+        final String code = Validator.sanitizeInputValue( pwmDomain.getConfig(), clientValues.get( "code" ), 1024 );
 
         try
         {
@@ -324,9 +324,9 @@ public class SetupOtpServlet extends ControlledPwmServlet
     {
         final SetupOtpBean otpBean = getSetupOtpBean( pwmRequest );
 
-        final PwmApplication pwmApplication = pwmRequest.getPwmApplication();
+        final PwmDomain pwmDomain = pwmRequest.getPwmApplication();
         final PwmSession pwmSession = pwmRequest.getPwmSession();
-        final OtpService service = pwmApplication.getOtpService();
+        final OtpService service = pwmDomain.getOtpService();
         final UserIdentity theUser = pwmSession.getUserInfo().getUserIdentity();
         try
         {
@@ -352,11 +352,11 @@ public class SetupOtpServlet extends ControlledPwmServlet
     {
         final SetupOtpBean otpBean = getSetupOtpBean( pwmRequest );
 
-        final PwmApplication pwmApplication = pwmRequest.getPwmApplication();
+        final PwmDomain pwmDomain = pwmRequest.getPwmApplication();
         final PwmSession pwmSession = pwmRequest.getPwmSession();
 
         final String otpToken = pwmRequest.readParameterAsString( PwmConstants.PARAM_OTP_TOKEN );
-        final OtpService otpService = pwmApplication.getOtpService();
+        final OtpService otpService = pwmDomain.getOtpService();
         if ( otpToken != null && otpToken.length() > 0 )
         {
             try
@@ -400,7 +400,7 @@ public class SetupOtpServlet extends ControlledPwmServlet
     )
             throws PwmUnrecoverableException
     {
-        final PwmApplication pwmApplication = pwmRequest.getPwmApplication();
+        final PwmDomain pwmDomain = pwmRequest.getPwmApplication();
         final PwmSession pwmSession = pwmRequest.getPwmSession();
 
         // has pre-existing, nothing to do.
@@ -409,7 +409,7 @@ public class SetupOtpServlet extends ControlledPwmServlet
             return;
         }
 
-        final OtpService service = pwmApplication.getOtpService();
+        final OtpService service = pwmDomain.getOtpService();
         final UserIdentity theUser = pwmSession.getUserInfo().getUserIdentity();
 
         // first time here
@@ -439,12 +439,12 @@ public class SetupOtpServlet extends ControlledPwmServlet
         {
             try
             {
-                final Configuration config = pwmApplication.getConfig();
+                final DomainConfig config = pwmDomain.getConfig();
                 final SetupOtpProfile setupOtpProfile = getSetupOtpProfile( pwmRequest );
                 final String identifierConfigValue = setupOtpProfile.readSettingAsString( PwmSetting.OTP_SECRET_IDENTIFIER );
                 final String identifier = pwmSession.getSessionManager().getMacroMachine( ).expandMacros( identifierConfigValue );
                 final OTPUserRecord otpUserRecord = new OTPUserRecord();
-                final List<String> rawRecoveryCodes = pwmApplication.getOtpService().initializeUserRecord(
+                final List<String> rawRecoveryCodes = pwmDomain.getOtpService().initializeUserRecord(
                         setupOtpProfile,
                         otpUserRecord,
                         pwmRequest.getLabel(),
@@ -476,7 +476,7 @@ public class SetupOtpServlet extends ControlledPwmServlet
         return ProcessStatus.Continue;
     }
 
-    private boolean canSetupOtpSecret( final Configuration config )
+    private boolean canSetupOtpSecret( final DomainConfig config )
     {
         /* TODO */
         return true;

server/src/main/java/password/pwm/http/servlet/SetupResponsesServlet.java

@@ -32,7 +32,7 @@ import com.novell.ldapchai.exception.ChaiValidationException;
 import com.novell.ldapchai.provider.ChaiProvider;
 import lombok.Value;
 import password.pwm.Permission;
-import password.pwm.PwmApplication;
+import password.pwm.PwmDomain;
 import password.pwm.PwmConstants;
 import password.pwm.bean.LoginInfoBean;
 import password.pwm.bean.ResponseInfoBean;
@@ -135,7 +135,7 @@ public class SetupResponsesServlet extends ControlledPwmServlet
     public ProcessStatus preProcessCheck( final PwmRequest pwmRequest ) throws PwmUnrecoverableException, IOException, ServletException
     {
         final PwmSession pwmSession = pwmRequest.getPwmSession();
-        final PwmApplication pwmApplication = pwmRequest.getPwmApplication();
+        final PwmDomain pwmDomain = pwmRequest.getPwmApplication();
 
         if ( !pwmSession.isAuthenticated() )
         {
@@ -148,22 +148,22 @@ public class SetupResponsesServlet extends ControlledPwmServlet
             throw new PwmUnrecoverableException( PwmError.ERROR_PASSWORD_REQUIRED );
         }
 
-        if ( !pwmApplication.getConfig().readSettingAsBoolean( PwmSetting.CHALLENGE_ENABLE ) )
+        if ( !pwmDomain.getConfig().readSettingAsBoolean( PwmSetting.CHALLENGE_ENABLE ) )
         {
             throw new PwmUnrecoverableException( PwmError.ERROR_SERVICE_NOT_AVAILABLE );
         }
 
         // check to see if the user is permitted to setup responses
-        if ( !pwmSession.getSessionManager().checkPermission( pwmApplication, Permission.SETUP_RESPONSE ) )
+        if ( !pwmSession.getSessionManager().checkPermission( pwmDomain, Permission.SETUP_RESPONSE ) )
         {
             throw new PwmUnrecoverableException( PwmError.ERROR_UNAUTHORIZED );
         }
 
         // check if the locale has changed since first seen.
-        if ( pwmSession.getSessionStateBean().getLocale() != pwmApplication.getSessionStateService().getBean( pwmRequest, SetupResponsesBean.class ).getUserLocale() )
+        if ( pwmSession.getSessionStateBean().getLocale() != pwmDomain.getSessionStateService().getBean( pwmRequest, SetupResponsesBean.class ).getUserLocale() )
         {
             pwmRequest.getPwmApplication().getSessionStateService().clearBean( pwmRequest, SetupResponsesBean.class );
-            pwmApplication.getSessionStateService().getBean( pwmRequest, SetupResponsesBean.class ).setUserLocale( pwmSession.getSessionStateBean().getLocale() );
+            pwmDomain.getSessionStateService().getBean( pwmRequest, SetupResponsesBean.class ).setUserLocale( pwmSession.getSessionStateBean().getLocale() );
         }
 
         // check to see if the user has any challenges assigned
@@ -193,8 +193,8 @@ public class SetupResponsesServlet extends ControlledPwmServlet
     private ProcessStatus processChangeResponses( final PwmRequest pwmRequest ) throws PwmUnrecoverableException
     {
         final SetupResponsesBean setupResponsesBean = getSetupResponseBean( pwmRequest );
-        final PwmApplication pwmApplication = pwmRequest.getPwmApplication();
-        pwmApplication.getSessionStateService().clearBean( pwmRequest, SetupResponsesBean.class );
+        final PwmDomain pwmDomain = pwmRequest.getPwmApplication();
+        pwmDomain.getSessionStateService().clearBean( pwmRequest, SetupResponsesBean.class );
         this.initializeBean( pwmRequest, setupResponsesBean );
         setupResponsesBean.setUserLocale( pwmRequest.getLocale() );
         return ProcessStatus.Continue;
@@ -207,13 +207,13 @@ public class SetupResponsesServlet extends ControlledPwmServlet
             throws PwmUnrecoverableException, ChaiUnavailableException, IOException
     {
         LOGGER.trace( pwmRequest, () -> "request for response clear received" );
-        final PwmApplication pwmApplication = pwmRequest.getPwmApplication();
+        final PwmDomain pwmDomain = pwmRequest.getPwmApplication();
         final PwmSession pwmSession = pwmRequest.getPwmSession();
         try
         {
             final String userGUID = pwmSession.getUserInfo().getUserGuid();
             final ChaiUser theUser = pwmSession.getSessionManager().getActor( );
-            pwmApplication.getCrService().clearResponses( pwmRequest.getLabel(), pwmRequest.getUserInfoIfLoggedIn(), theUser, userGUID );
+            pwmDomain.getCrService().clearResponses( pwmRequest.getLabel(), pwmRequest.getUserInfoIfLoggedIn(), theUser, userGUID );
             pwmSession.reloadUserInfoBean( pwmRequest );
             pwmRequest.getPwmApplication().getSessionStateService().clearBean( pwmRequest, SetupResponsesBean.class );
 
@@ -223,7 +223,7 @@ public class SetupResponsesServlet extends ControlledPwmServlet
                     pwmSession.getUserInfo(),
                     pwmSession
             );
-            pwmApplication.getAuditManager().submit( pwmRequest.getLabel(), auditRecord );
+            pwmDomain.getAuditManager().submit( pwmRequest.getLabel(), auditRecord );
 
             pwmRequest.sendRedirect( PwmServletDefinition.SetupResponses );
         }
@@ -264,27 +264,27 @@ public class SetupResponsesServlet extends ControlledPwmServlet
         final SetupResponsesBean setupResponsesBean = getSetupResponseBean( pwmRequest );
         final Instant startTime = Instant.now();
         final PwmSession pwmSession = pwmRequest.getPwmSession();
-        final PwmApplication pwmApplication = pwmRequest.getPwmApplication();
+        final PwmDomain pwmDomain = pwmRequest.getPwmApplication();
         final String responseModeParam = pwmRequest.readParameterAsString( "responseMode" );
         final SetupResponsesBean.SetupData setupData = "helpdesk".equalsIgnoreCase( responseModeParam )
                 ? setupResponsesBean.getHelpdeskResponseData()
                 : setupResponsesBean.getResponseData();
 
         boolean success = true;
-        String userMessage = Message.getLocalizedMessage( pwmSession.getSessionStateBean().getLocale(), Message.Success_ResponsesMeetRules, pwmApplication.getConfig() );
+        String userMessage = Message.getLocalizedMessage( pwmSession.getSessionStateBean().getLocale(), Message.Success_ResponsesMeetRules, pwmDomain.getConfig() );
 
         try
         {
             // read in the responses from the request
             final Map<Challenge, String> responseMap = readResponsesFromJsonRequest( pwmRequest, setupData );
             final int minRandomRequiredSetup = setupData.getMinRandomSetup();
-            pwmApplication.getCrService().validateResponses( setupData.getChallengeSet(), responseMap, minRandomRequiredSetup );
+            pwmDomain.getCrService().validateResponses( setupData.getChallengeSet(), responseMap, minRandomRequiredSetup );
             generateResponseInfoBean( pwmRequest, setupData.getChallengeSet(), responseMap, Collections.emptyMap() );
         }
         catch ( final PwmDataValidationException e )
         {
             success = false;
-            userMessage = e.getErrorInformation().toUserStr( pwmSession, pwmApplication );
+            userMessage = e.getErrorInformation().toUserStr( pwmSession, pwmDomain );
         }
 
         final ValidationResponseBean validationResponseBean = new ValidationResponseBean( userMessage, success );
@@ -431,14 +431,14 @@ public class SetupResponsesServlet extends ControlledPwmServlet
     private void saveResponses( final PwmRequest pwmRequest, final ResponseInfoBean responseInfoBean )
             throws PwmUnrecoverableException, ChaiUnavailableException, PwmOperationalException, ChaiValidationException
     {
-        final PwmApplication pwmApplication = pwmRequest.getPwmApplication();
+        final PwmDomain pwmDomain = pwmRequest.getPwmApplication();
         final PwmSession pwmSession = pwmRequest.getPwmSession();
         final ChaiUser theUser = pwmSession.getSessionManager().getActor( );
         final String userGUID = pwmSession.getUserInfo().getUserGuid();
-        pwmApplication.getCrService().writeResponses( pwmRequest.getLabel(), pwmRequest.getUserInfoIfLoggedIn(), theUser, userGUID, responseInfoBean );
+        pwmDomain.getCrService().writeResponses( pwmRequest.getLabel(), pwmRequest.getUserInfoIfLoggedIn(), theUser, userGUID, responseInfoBean );
         pwmSession.reloadUserInfoBean( pwmRequest );
-        pwmApplication.getStatisticsManager().incrementValue( Statistic.SETUP_RESPONSES );
-        pwmApplication.getAuditManager().submit( AuditEvent.SET_RESPONSES, pwmSession.getUserInfo(), pwmSession );
+        pwmDomain.getStatisticsManager().incrementValue( Statistic.SETUP_RESPONSES );
+        pwmDomain.getAuditManager().submit( AuditEvent.SET_RESPONSES, pwmSession.getUserInfo(), pwmSession );
     }
 
     private static Map<Challenge, String> readResponsesFromHttpRequest(

server/src/main/java/password/pwm/http/servlet/ShortcutServlet.java

@@ -22,7 +22,7 @@ package password.pwm.http.servlet;
 
 import com.novell.ldapchai.exception.ChaiUnavailableException;
 import com.novell.ldapchai.util.StringHelper;
-import password.pwm.PwmApplication;
+import password.pwm.PwmDomain;
 import password.pwm.PwmConstants;
 import password.pwm.bean.UserIdentity;
 import password.pwm.config.PwmSetting;
@@ -95,15 +95,15 @@ public class ShortcutServlet extends AbstractPwmServlet
     protected void processAction( final PwmRequest pwmRequest )
             throws ServletException, IOException, ChaiUnavailableException, PwmUnrecoverableException
     {
-        final PwmApplication pwmApplication = pwmRequest.getPwmApplication();
+        final PwmDomain pwmDomain = pwmRequest.getPwmApplication();
 
-        if ( !pwmApplication.getConfig().readSettingAsBoolean( PwmSetting.SHORTCUT_ENABLE ) )
+        if ( !pwmDomain.getConfig().readSettingAsBoolean( PwmSetting.SHORTCUT_ENABLE ) )
         {
             pwmRequest.respondWithError( PwmError.ERROR_SERVICE_NOT_AVAILABLE.toInfo() );
             return;
         }
 
-        final ShortcutsBean shortcutsBean = pwmApplication.getSessionStateService().getBean( pwmRequest, ShortcutsBean.class );
+        final ShortcutsBean shortcutsBean = pwmDomain.getSessionStateService().getBean( pwmRequest, ShortcutsBean.class );
         if ( shortcutsBean.getVisibleItems() == null )
         {
             LOGGER.debug( pwmRequest, () -> "building visible shortcut list for user" );
@@ -219,7 +219,7 @@ public class ShortcutServlet extends AbstractPwmServlet
             throws PwmUnrecoverableException,  IOException, ServletException
     {
         final PwmSession pwmSession = pwmRequest.getPwmSession();
-        final PwmApplication pwmApplication = pwmRequest.getPwmApplication();
+        final PwmDomain pwmDomain = pwmRequest.getPwmApplication();
 
         final String link = pwmRequest.readParameterAsString( "link" );
         final Map<String, ShortcutItem> visibleItems = shortcutsBean.getVisibleItems();
@@ -228,7 +228,7 @@ public class ShortcutServlet extends AbstractPwmServlet
         {
             final ShortcutItem item = visibleItems.get( link );
 
-            pwmApplication.getStatisticsManager().incrementValue( Statistic.SHORTCUTS_SELECTED );
+            pwmDomain.getStatisticsManager().incrementValue( Statistic.SHORTCUTS_SELECTED );
             LOGGER.trace( pwmRequest, () -> "shortcut link selected: " + link + ", setting link for 'forwardURL' to " + item.getShortcutURI() );
             pwmSession.getSessionStateBean().setForwardURL( item.getShortcutURI().toString() );
 

server/src/main/java/password/pwm/http/servlet/accountinfo/AccountInformationBean.java

@@ -22,7 +22,7 @@ package password.pwm.http.servlet.accountinfo;
 
 import lombok.Builder;
 import lombok.Value;
-import password.pwm.PwmApplication;
+import password.pwm.PwmDomain;
 import password.pwm.bean.SessionLabel;
 import password.pwm.config.PwmSetting;
 import password.pwm.config.option.ViewStatusFields;
@@ -112,7 +112,7 @@ public class AccountInformationBean implements Serializable
     }
 
     public static List<ActivityRecord> makeAuditInfo(
-            final PwmApplication pwmApplication,
+            final PwmDomain pwmDomain,
             final AccountInformationProfile accountInformationProfile,
             final SessionLabel sessionLabel,
             final UserInfo userInfo,
@@ -128,7 +128,7 @@ public class AccountInformationBean implements Serializable
         final List<UserAuditRecord> auditRecords = new ArrayList<>();
         try
         {
-            auditRecords.addAll( pwmApplication.getAuditManager().readUserHistory( sessionLabel, userInfo ) );
+            auditRecords.addAll( pwmDomain.getAuditManager().readUserHistory( sessionLabel, userInfo ) );
         }
         catch ( final PwmUnrecoverableException e )
         {
@@ -140,7 +140,7 @@ public class AccountInformationBean implements Serializable
         {
             returnData.add( new ActivityRecord(
                     userAuditRecord.getTimestamp(),
-                    userAuditRecord.getEventCode().getLocalizedString( pwmApplication.getConfig(), locale )
+                    userAuditRecord.getEventCode().getLocalizedString( pwmDomain.getConfig(), locale )
             ) );
         }
 

server/src/main/java/password/pwm/http/servlet/activation/ActivateUserServlet.java

@@ -22,12 +22,12 @@ package password.pwm.http.servlet.activation;
 
 import com.novell.ldapchai.exception.ChaiUnavailableException;
 import password.pwm.AppProperty;
-import password.pwm.PwmApplication;
+import password.pwm.PwmDomain;
 import password.pwm.PwmConstants;
 import password.pwm.bean.LocalSessionStateBean;
 import password.pwm.bean.TokenDestinationItem;
 import password.pwm.bean.UserIdentity;
-import password.pwm.config.Configuration;
+import password.pwm.config.DomainConfig;
 import password.pwm.config.PwmSetting;
 import password.pwm.config.option.MessageSendMethod;
 import password.pwm.config.profile.ActivateUserProfile;
@@ -131,7 +131,7 @@ public class ActivateUserServlet extends ControlledPwmServlet
     @Override
     public ProcessStatus preProcessCheck( final PwmRequest pwmRequest ) throws PwmUnrecoverableException, IOException, ServletException
     {
-        final Configuration config = pwmRequest.getConfig();
+        final DomainConfig config = pwmRequest.getConfig();
 
         if ( !config.readSettingAsBoolean( PwmSetting.ACTIVATE_USER_ENABLE ) )
         {
@@ -218,9 +218,9 @@ public class ActivateUserServlet extends ControlledPwmServlet
     public ProcessStatus handleSearchRequest( final PwmRequest pwmRequest )
             throws PwmUnrecoverableException, ChaiUnavailableException, IOException, ServletException
     {
-        final PwmApplication pwmApplication = pwmRequest.getPwmApplication();
+        final PwmDomain pwmDomain = pwmRequest.getPwmApplication();
         final PwmSession pwmSession = pwmRequest.getPwmSession();
-        final Configuration config = pwmApplication.getConfig();
+        final DomainConfig config = pwmDomain.getConfig();
         final LocalSessionStateBean ssBean = pwmSession.getSessionStateBean();
 
         if ( CaptchaUtility.captchaEnabledForRequest( pwmRequest ) )
@@ -232,7 +232,7 @@ public class ActivateUserServlet extends ControlledPwmServlet
             }
         }
 
-        pwmApplication.getSessionStateService().clearBean( pwmRequest, ActivateUserBean.class );
+        pwmDomain.getSessionStateService().clearBean( pwmRequest, ActivateUserBean.class );
         final List<FormConfiguration> configuredActivationForm = config.readSettingAsForm( PwmSetting.ACTIVATE_USER_FORM );
 
         Map<FormConfiguration, String> formValues = new HashMap<>();
@@ -243,7 +243,7 @@ public class ActivateUserServlet extends ControlledPwmServlet
                     ssBean.getLocale() );
 
             // check for intruders
-            pwmApplication.getIntruderManager().convenience().checkAttributes( formValues );
+            pwmDomain.getIntruderManager().convenience().checkAttributes( formValues );
 
             // read the context attr
             final String contextParam = pwmRequest.readParameterAsString( PwmConstants.PARAM_CONTEXT );
@@ -259,7 +259,7 @@ public class ActivateUserServlet extends ControlledPwmServlet
             // read an ldap user object based on the params
             final UserIdentity userIdentity;
             {
-                final UserSearchEngine userSearchEngine = pwmApplication.getUserSearchEngine();
+                final UserSearchEngine userSearchEngine = pwmDomain.getUserSearchEngine();
                 final SearchConfiguration searchConfiguration = SearchConfiguration.builder()
                         .contexts( Collections.singletonList( contextParam ) )
                         .filter( searchFilter )
@@ -273,13 +273,13 @@ public class ActivateUserServlet extends ControlledPwmServlet
             ActivateUserUtils.validateParamsAgainstLDAP( pwmRequest, formValues, userIdentity );
 
             ActivateUserUtils.initUserActivationBean( pwmRequest, userIdentity );
-            pwmApplication.getIntruderManager().convenience().clearAttributes( formValues );
-            pwmApplication.getIntruderManager().convenience().clearAddressAndSession( pwmSession );
+            pwmDomain.getIntruderManager().convenience().clearAttributes( formValues );
+            pwmDomain.getIntruderManager().convenience().clearAddressAndSession( pwmSession );
         }
         catch ( final PwmOperationalException e )
         {
-            pwmApplication.getIntruderManager().convenience().markAttributes( formValues, pwmRequest.getLabel() );
-            pwmApplication.getIntruderManager().convenience().markAddressAndSession( pwmRequest );
+            pwmDomain.getIntruderManager().convenience().markAttributes( formValues, pwmRequest.getLabel() );
+            pwmDomain.getIntruderManager().convenience().markAddressAndSession( pwmRequest );
             setLastError( pwmRequest, e.getErrorInformation() );
             LOGGER.debug( pwmRequest, e.getErrorInformation() );
         }
@@ -322,8 +322,8 @@ public class ActivateUserServlet extends ControlledPwmServlet
     )
             throws PwmUnrecoverableException, IOException, ServletException
     {
-        final PwmApplication pwmApplication = pwmRequest.getPwmApplication();
-        final ActivateUserBean activateUserBean = pwmApplication.getSessionStateService().getBean( pwmRequest, ActivateUserBean.class );
+        final PwmDomain pwmDomain = pwmRequest.getPwmApplication();
+        final ActivateUserBean activateUserBean = pwmDomain.getSessionStateService().getBean( pwmRequest, ActivateUserBean.class );
         final String userEnteredCode = pwmRequest.readParameterAsString( PwmConstants.PARAM_TOKEN );
 
         ErrorInformation errorInformation = null;
@@ -399,7 +399,7 @@ public class ActivateUserServlet extends ControlledPwmServlet
     @Override
     protected void nextStep( final PwmRequest pwmRequest ) throws PwmUnrecoverableException, IOException, ChaiUnavailableException, ServletException
     {
-        final PwmApplication pwmApplication = pwmRequest.getPwmApplication();
+        final PwmDomain pwmDomain = pwmRequest.getPwmApplication();
         final PwmSession pwmSession = pwmRequest.getPwmSession();
         final ActivateUserBean activateUserBean = activateUserBean( pwmRequest );
 
@@ -416,7 +416,7 @@ public class ActivateUserServlet extends ControlledPwmServlet
         if ( tokenSendMethod != MessageSendMethod.NONE && tokenSendMethod != null )
         {
             final List<TokenDestinationItem> tokenDestinationItems = TokenUtil.figureAvailableTokenDestinations(
-                    pwmApplication,
+                    pwmDomain,
                     pwmRequest.getLabel(),
                     pwmRequest.getLocale(),
                     userInfo,
@@ -477,8 +477,8 @@ public class ActivateUserServlet extends ControlledPwmServlet
         catch ( final PwmOperationalException e )
         {
             LOGGER.debug( pwmRequest, e.getErrorInformation() );
-            pwmApplication.getIntruderManager().convenience().markUserIdentity( activateUserBean.getUserIdentity(), pwmRequest );
-            pwmApplication.getIntruderManager().convenience().markAddressAndSession( pwmRequest );
+            pwmDomain.getIntruderManager().convenience().markUserIdentity( activateUserBean.getUserIdentity(), pwmRequest );
+            pwmDomain.getIntruderManager().convenience().markAddressAndSession( pwmRequest );
             pwmRequest.respondWithError( e.getErrorInformation() );
         }
     }

server/src/main/java/password/pwm/http/servlet/activation/ActivateUserUtils.java

@@ -25,11 +25,11 @@ import com.novell.ldapchai.exception.ChaiOperationException;
 import com.novell.ldapchai.exception.ChaiUnavailableException;
 import com.novell.ldapchai.exception.ImpossiblePasswordPolicyException;
 import com.novell.ldapchai.provider.ChaiProvider;
-import password.pwm.PwmApplication;
+import password.pwm.PwmDomain;
 import password.pwm.bean.EmailItemBean;
 import password.pwm.bean.LoginInfoBean;
 import password.pwm.bean.UserIdentity;
-import password.pwm.config.Configuration;
+import password.pwm.config.DomainConfig;
 import password.pwm.config.PwmSetting;
 import password.pwm.config.option.MessageSendMethod;
 import password.pwm.config.profile.ActivateUserProfile;
@@ -81,9 +81,9 @@ class ActivateUserUtils
     )
             throws ChaiUnavailableException, PwmUnrecoverableException, PwmOperationalException
     {
-        final PwmApplication pwmApplication = pwmRequest.getPwmApplication();
+        final PwmDomain pwmDomain = pwmRequest.getPwmApplication();
         final PwmSession pwmSession = pwmRequest.getPwmSession();
-        final ChaiUser theUser = pwmApplication.getProxiedChaiUser( userIdentity );
+        final ChaiUser theUser = pwmDomain.getProxiedChaiUser( userIdentity );
 
         final ActivateUserProfile activateUserProfile = ActivateUserServlet.activateUserProfile( pwmRequest );
 
@@ -111,7 +111,7 @@ class ActivateUserUtils
                 {
                     final MacroRequest macroRequest = MacroRequest.forUser( pwmRequest, userIdentity );
 
-                    final ActionExecutor actionExecutor = new ActionExecutor.ActionExecutorSettings( pwmApplication, userIdentity )
+                    final ActionExecutor actionExecutor = new ActionExecutor.ActionExecutorSettings( pwmDomain, userIdentity )
                             .setExpandPwmMacros( true )
                             .setMacroMachine( macroRequest )
                             .createActionExecutor();
@@ -121,7 +121,7 @@ class ActivateUserUtils
             }
 
             //authenticate the pwm session
-            final SessionAuthenticator sessionAuthenticator = new SessionAuthenticator( pwmApplication, pwmRequest, PwmAuthenticationSource.USER_ACTIVATION );
+            final SessionAuthenticator sessionAuthenticator = new SessionAuthenticator( pwmDomain, pwmRequest, PwmAuthenticationSource.USER_ACTIVATION );
             sessionAuthenticator.authUserWithUnknownPassword( userIdentity, AuthenticationType.AUTH_FROM_PUBLIC_MODULE );
 
             //ensure a change password is triggered
@@ -131,10 +131,10 @@ class ActivateUserUtils
 
 
             // mark the event log
-            pwmApplication.getAuditManager().submit( AuditEvent.ACTIVATE_USER, pwmSession.getUserInfo(), pwmSession );
+            pwmDomain.getAuditManager().submit( AuditEvent.ACTIVATE_USER, pwmSession.getUserInfo(), pwmSession );
 
             // update the stats bean
-            pwmApplication.getStatisticsManager().incrementValue( Statistic.ACTIVATED_USERS );
+            pwmDomain.getStatisticsManager().incrementValue( Statistic.ACTIVATED_USERS );
 
             // send email or sms
             sendPostActivationNotice( pwmRequest );
@@ -234,10 +234,10 @@ class ActivateUserUtils
     )
             throws PwmUnrecoverableException, ChaiUnavailableException
     {
-        final PwmApplication pwmApplication = pwmRequest.getPwmApplication();
+        final PwmDomain pwmDomain = pwmRequest.getPwmApplication();
         final PwmSession pwmSession = pwmRequest.getPwmSession();
         final UserInfo userInfo = pwmSession.getUserInfo();
-        final Configuration config = pwmApplication.getConfig();
+        final DomainConfig config = pwmDomain.getConfig();
         final Locale locale = pwmSession.getSessionStateBean().getLocale();
         final EmailItemBean configuredEmailSetting = config.readSettingAsEmail( PwmSetting.EMAIL_ACTIVATION, locale );
 
@@ -247,7 +247,7 @@ class ActivateUserUtils
             return false;
         }
 
-        pwmApplication.getEmailQueue().submitEmail(
+        pwmDomain.getEmailQueue().submitEmail(
                 configuredEmailSetting,
                 pwmSession.getUserInfo(),
                 pwmSession.getSessionManager().getMacroMachine( )
@@ -258,9 +258,9 @@ class ActivateUserUtils
     static boolean sendPostActivationSms( final PwmRequest pwmRequest )
             throws PwmUnrecoverableException, ChaiUnavailableException
     {
-        final PwmApplication pwmApplication = pwmRequest.getPwmApplication();
+        final PwmDomain pwmDomain = pwmRequest.getPwmApplication();
         final PwmSession pwmSession = pwmRequest.getPwmSession();
-        final Configuration config = pwmApplication.getConfig();
+        final DomainConfig config = pwmDomain.getConfig();
         final UserInfo userInfo = pwmSession.getUserInfo();
         final Locale locale = pwmSession.getSessionStateBean().getLocale();
         final LdapProfile ldapProfile = userInfo.getUserIdentity().getLdapProfile( config );
@@ -284,7 +284,7 @@ class ActivateUserUtils
             return false;
         }
 
-        pwmApplication.sendSmsUsingQueue(
+        pwmDomain.sendSmsUsingQueue(
                 toSmsNumber,
                 message,
                 pwmRequest.getLabel(),
@@ -296,15 +296,15 @@ class ActivateUserUtils
     static String figureLdapSearchFilter( final PwmRequest pwmRequest )
             throws PwmUnrecoverableException
     {
-        final PwmApplication pwmApplication = pwmRequest.getPwmApplication();
-        final Configuration config = pwmApplication.getConfig();
+        final PwmDomain pwmDomain = pwmRequest.getPwmApplication();
+        final DomainConfig config = pwmDomain.getConfig();
         final List<FormConfiguration> configuredActivationForm = config.readSettingAsForm( PwmSetting.ACTIVATE_USER_FORM );
 
         final String configuredSearchFilter = config.readSettingAsString( PwmSetting.ACTIVATE_USER_SEARCH_FILTER );
         final String searchFilter;
         if ( configuredSearchFilter == null || configuredSearchFilter.isEmpty() )
         {
-            searchFilter = FormUtility.ldapSearchFilterForForm( pwmApplication, configuredActivationForm );
+            searchFilter = FormUtility.ldapSearchFilterForForm( pwmDomain, configuredActivationForm );
             LOGGER.trace( pwmRequest, () -> "auto generated search filter based on activation form: " + searchFilter );
         }
         else
@@ -339,12 +339,12 @@ class ActivateUserUtils
     static void initUserActivationBean( final PwmRequest pwmRequest, final UserIdentity userIdentity )
             throws PwmUnrecoverableException
     {
-        final PwmApplication pwmApplication = pwmRequest.getPwmApplication();
-        final ActivateUserBean activateUserBean = pwmApplication.getSessionStateService().getBean( pwmRequest, ActivateUserBean.class );
+        final PwmDomain pwmDomain = pwmRequest.getPwmApplication();
+        final ActivateUserBean activateUserBean = pwmDomain.getSessionStateService().getBean( pwmRequest, ActivateUserBean.class );
 
         final Optional<String> profileID = ProfileUtility.discoverProfileIDForUser( pwmRequest.getPwmRequestContext(), userIdentity, ProfileDefinition.ActivateUser );
 
-        if ( !profileID.isPresent() || !pwmApplication.getConfig().getUserActivationProfiles().containsKey( profileID.get() ) )
+        if ( !profileID.isPresent() || !pwmDomain.getConfig().getUserActivationProfiles().containsKey( profileID.get() ) )
         {
             throw PwmUnrecoverableException.newException( PwmError.ERROR_ACTIVATE_NO_PERMISSION, "no matching user activation profile for user" );
         }

server/src/main/java/password/pwm/http/servlet/admin/AdminServlet.java

@@ -24,11 +24,11 @@ import com.novell.ldapchai.exception.ChaiUnavailableException;
 import lombok.Value;
 import password.pwm.AppProperty;
 import password.pwm.Permission;
-import password.pwm.PwmApplication;
+import password.pwm.PwmDomain;
 import password.pwm.PwmConstants;
 import password.pwm.bean.UserIdentity;
 import password.pwm.bean.pub.SessionStateInfoBean;
-import password.pwm.config.Configuration;
+import password.pwm.config.DomainConfig;
 import password.pwm.config.PwmSetting;
 import password.pwm.error.ErrorInformation;
 import password.pwm.error.PwmError;
@@ -196,17 +196,17 @@ public class AdminServlet extends ControlledPwmServlet
     )
             throws PwmUnrecoverableException, IOException, ChaiUnavailableException, ServletException
     {
-        final PwmApplication pwmApplication = pwmRequest.getPwmApplication();
+        final PwmDomain pwmDomain = pwmRequest.getPwmApplication();
 
         pwmRequest.getPwmResponse().markAsDownload(
                 HttpContentType.csv,
-                pwmApplication.getConfig().readAppProperty( AppProperty.DOWNLOAD_FILENAME_AUDIT_RECORDS_CSV )
+                pwmDomain.getConfig().readAppProperty( AppProperty.DOWNLOAD_FILENAME_AUDIT_RECORDS_CSV )
         );
 
         final OutputStream outputStream = pwmRequest.getPwmResponse().getOutputStream();
         try
         {
-            pwmApplication.getAuditManager().outputVaultToCsv( outputStream, pwmRequest.getLocale(), true );
+            pwmDomain.getAuditManager().outputVaultToCsv( outputStream, pwmRequest.getLocale(), true );
         }
         catch ( final Exception e )
         {
@@ -226,17 +226,17 @@ public class AdminServlet extends ControlledPwmServlet
     )
             throws PwmUnrecoverableException, IOException, ChaiUnavailableException, ServletException
     {
-        final PwmApplication pwmApplication = pwmRequest.getPwmApplication();
+        final PwmDomain pwmDomain = pwmRequest.getPwmApplication();
 
         pwmRequest.getPwmResponse().markAsDownload(
                 HttpContentType.csv,
-                pwmApplication.getConfig().readAppProperty( AppProperty.DOWNLOAD_FILENAME_USER_REPORT_RECORDS_CSV )
+                pwmDomain.getConfig().readAppProperty( AppProperty.DOWNLOAD_FILENAME_USER_REPORT_RECORDS_CSV )
         );
 
         final OutputStream outputStream = pwmRequest.getPwmResponse().getOutputStream();
         try
         {
-            final ReportCsvUtility reportCsvUtility = new ReportCsvUtility( pwmApplication );
+            final ReportCsvUtility reportCsvUtility = new ReportCsvUtility( pwmDomain );
             reportCsvUtility.outputToCsv( outputStream, true, pwmRequest.getLocale() );
         }
         catch ( final Exception e )
@@ -257,17 +257,17 @@ public class AdminServlet extends ControlledPwmServlet
     )
             throws PwmUnrecoverableException, IOException, ChaiUnavailableException, ServletException
     {
-        final PwmApplication pwmApplication = pwmRequest.getPwmApplication();
+        final PwmDomain pwmDomain = pwmRequest.getPwmApplication();
 
         pwmRequest.getPwmResponse().markAsDownload(
                 HttpContentType.csv,
-                pwmApplication.getConfig().readAppProperty( AppProperty.DOWNLOAD_FILENAME_USER_REPORT_SUMMARY_CSV )
+                pwmDomain.getConfig().readAppProperty( AppProperty.DOWNLOAD_FILENAME_USER_REPORT_SUMMARY_CSV )
         );
 
         final OutputStream outputStream = pwmRequest.getPwmResponse().getOutputStream();
         try
         {
-            final ReportCsvUtility reportCsvUtility = new ReportCsvUtility( pwmApplication );
+            final ReportCsvUtility reportCsvUtility = new ReportCsvUtility( pwmDomain );
             reportCsvUtility.outputSummaryToCsv( outputStream, pwmRequest.getLocale() );
         }
         catch ( final Exception e )
@@ -286,7 +286,7 @@ public class AdminServlet extends ControlledPwmServlet
     private ProcessStatus downloadStatisticsLogCsv( final PwmRequest pwmRequest )
             throws PwmUnrecoverableException, IOException, ChaiUnavailableException, ServletException
     {
-        final PwmApplication pwmApplication = pwmRequest.getPwmApplication();
+        final PwmDomain pwmDomain = pwmRequest.getPwmApplication();
 
         pwmRequest.getPwmResponse().markAsDownload(
                 HttpContentType.csv,
@@ -296,7 +296,7 @@ public class AdminServlet extends ControlledPwmServlet
         final OutputStream outputStream = pwmRequest.getPwmResponse().getOutputStream();
         try
         {
-            final StatisticsManager statsManager = pwmApplication.getStatisticsManager();
+            final StatisticsManager statsManager = pwmDomain.getStatisticsManager();
             statsManager.outputStatsToCsv( outputStream, pwmRequest.getLocale(), true );
         }
         catch ( final Exception e )
@@ -315,7 +315,7 @@ public class AdminServlet extends ControlledPwmServlet
     private ProcessStatus downloadSessionsCsv( final PwmRequest pwmRequest )
             throws PwmUnrecoverableException, IOException, ChaiUnavailableException, ServletException
     {
-        final PwmApplication pwmApplication = pwmRequest.getPwmApplication();
+        final PwmDomain pwmDomain = pwmRequest.getPwmApplication();
 
         pwmRequest.getPwmResponse().markAsDownload(
                 HttpContentType.csv,
@@ -325,7 +325,7 @@ public class AdminServlet extends ControlledPwmServlet
         final OutputStream outputStream = pwmRequest.getPwmResponse().getOutputStream();
         try
         {
-            pwmApplication.getSessionTrackService().outputToCsv( pwmRequest.getLocale(), pwmRequest.getConfig(), outputStream );
+            pwmDomain.getSessionTrackService().outputToCsv( pwmRequest.getLocale(), pwmRequest.getConfig(), outputStream );
         }
         catch ( final Exception e )
         {
@@ -392,11 +392,11 @@ public class AdminServlet extends ControlledPwmServlet
     private ProcessStatus processReportSummary( final PwmRequest pwmRequest )
             throws IOException
     {
-        final PwmApplication pwmApplication = pwmRequest.getPwmApplication();
+        final PwmDomain pwmDomain = pwmRequest.getPwmApplication();
         final LinkedHashMap<String, Object> returnMap = new LinkedHashMap<>();
-        returnMap.put( "raw", pwmApplication.getReportService().getSummaryData() );
-        returnMap.put( "presentable", pwmApplication.getReportService().getSummaryData().asPresentableCollection(
-                pwmApplication.getConfig(),
+        returnMap.put( "raw", pwmDomain.getReportService().getSummaryData() );
+        returnMap.put( "presentable", pwmDomain.getReportService().getSummaryData().asPresentableCollection(
+                pwmDomain.getConfig(),
                 pwmRequest.getPwmSession().getSessionStateBean().getLocale()
         ) );
 
@@ -439,14 +439,14 @@ public class AdminServlet extends ControlledPwmServlet
 
             throws ChaiUnavailableException, PwmUnrecoverableException, IOException, ServletException
     {
-        final PwmApplication pwmApplication = pwmRequest.getPwmApplication();
+        final PwmDomain pwmDomain = pwmRequest.getPwmApplication();
         final AdminBean adminBean = pwmRequest.getPwmApplication().getSessionStateService().getBean( pwmRequest, AdminBean.class );
         final UserIdentity userIdentity = adminBean.getLastUserDebug();
         if ( userIdentity != null )
         {
             pwmRequest.getPwmResponse().markAsDownload(
                     HttpContentType.json,
-                    pwmApplication.getConfig().readAppProperty( AppProperty.DOWNLOAD_FILENAME_USER_DEBUG_JSON )
+                    pwmDomain.getConfig().readAppProperty( AppProperty.DOWNLOAD_FILENAME_USER_DEBUG_JSON )
             );
             final UserDebugDataBean userDebugData = UserDebugDataReader.readUserDebugData(
                     pwmRequest.getPwmApplication(),
@@ -694,7 +694,7 @@ public class AdminServlet extends ControlledPwmServlet
         }
 
         final List<DisplayElement> statusData = new ArrayList<>( );
-        final Configuration config = pwmRequest.getConfig();
+        final DomainConfig config = pwmRequest.getConfig();
         final Locale locale = pwmRequest.getLocale();
         final PwNotifyService pwNotifyService = pwmRequest.getPwmApplication().getPwNotifyService();
         final PwNotifyStoredJobState pwNotifyStoredJobState = pwNotifyService.getJobState();

server/src/main/java/password/pwm/http/servlet/admin/AppDashboardData.java

@@ -23,7 +23,7 @@ package password.pwm.http.servlet.admin;
 import lombok.Builder;
 import lombok.Value;
 import password.pwm.PwmAboutProperty;
-import password.pwm.PwmApplication;
+import password.pwm.PwmDomain;
 import password.pwm.PwmConstants;
 import password.pwm.config.PwmSetting;
 import password.pwm.config.option.DataStorageMethod;
@@ -118,7 +118,7 @@ public class AppDashboardData implements Serializable
 
 
     public static AppDashboardData makeDashboardData(
-            final PwmApplication pwmApplication,
+            final PwmDomain pwmDomain,
             final ContextManager contextManager,
             final Locale locale,
             final Flag... flags
@@ -128,14 +128,14 @@ public class AppDashboardData implements Serializable
         final Instant startTime = Instant.now();
 
         final AppDashboardDataBuilder builder = AppDashboardData.builder();
-        builder.about( makeAboutData( pwmApplication, contextManager, locale ) );
-        builder.services( getServiceData( pwmApplication ) );
-        builder.localDbInfo( makeLocalDbInfo( pwmApplication, locale ) );
-        builder.javaAbout( makeAboutJavaData( pwmApplication, locale ) );
+        builder.about( makeAboutData( pwmDomain, contextManager, locale ) );
+        builder.services( getServiceData( pwmDomain ) );
+        builder.localDbInfo( makeLocalDbInfo( pwmDomain, locale ) );
+        builder.javaAbout( makeAboutJavaData( pwmDomain, locale ) );
 
         if ( JavaHelper.enumArrayContainsValue( flags, Flag.IncludeLocalDbTableSizes ) )
         {
-            builder.localDbSizes( makeLocalDbTableSizes( pwmApplication, locale ) );
+            builder.localDbSizes( makeLocalDbTableSizes( pwmDomain, locale ) );
         }
         else
         {
@@ -151,39 +151,39 @@ public class AppDashboardData implements Serializable
             builder.threads( Collections.emptyList() );
         }
 
-        builder.nodeData = makeNodeData( pwmApplication, locale );
-        builder.nodeSummary = pwmApplication.getClusterService().isMaster()
+        builder.nodeData = makeNodeData( pwmDomain, locale );
+        builder.nodeSummary = pwmDomain.getClusterService().isMaster()
                 ? "This node is the current master"
                 : "This node is not the current master";
         {
-            final Collection<DataStorageMethod> dataStorageMethods = pwmApplication.getClusterService().serviceInfo().getStorageMethods();
+            final Collection<DataStorageMethod> dataStorageMethods = pwmDomain.getClusterService().serviceInfo().getStorageMethods();
             if ( !JavaHelper.isEmpty( dataStorageMethods ) )
             {
                 builder.nodeStorageMethod = dataStorageMethods.iterator().next();
             }
         }
 
-        builder.ldapConnectionCount( ldapConnectionCount( pwmApplication ) );
-        builder.sessionCount( pwmApplication.getSessionTrackService().sessionCount() );
-        builder.requestsInProgress( pwmApplication.getActiveServletRequests().get() );
+        builder.ldapConnectionCount( ldapConnectionCount( pwmDomain ) );
+        builder.sessionCount( pwmDomain.getSessionTrackService().sessionCount() );
+        builder.requestsInProgress( pwmDomain.getActiveServletRequests().get() );
 
         LOGGER.trace( () -> "AppDashboardData bean created in ", () -> TimeDuration.fromCurrent( startTime ) );
         return builder.build();
     }
 
-    private static int ldapConnectionCount( final PwmApplication pwmApplication )
+    private static int ldapConnectionCount( final PwmDomain pwmDomain )
     {
-        return pwmApplication.getLdapConnectionService().connectionCount();
+        return pwmDomain.getLdapConnectionService().connectionCount();
     }
 
     private static List<DisplayElement> makeAboutData(
-            final PwmApplication pwmApplication,
+            final PwmDomain pwmDomain,
             final ContextManager contextManager,
             final Locale locale
     )
     {
-        final LocaleHelper.DisplayMaker l = new LocaleHelper.DisplayMaker( locale, Admin.class, pwmApplication );
-        final String notApplicableValue = Display.getLocalizedMessage( locale, Display.Value_NotApplicable, pwmApplication.getConfig() );
+        final LocaleHelper.DisplayMaker l = new LocaleHelper.DisplayMaker( locale, Admin.class, pwmDomain );
+        final String notApplicableValue = Display.getLocalizedMessage( locale, Display.Value_NotApplicable, pwmDomain.getConfig() );
         final PwmNumberFormat numberFormat = PwmNumberFormat.forLocale( locale );
 
         final List<DisplayElement> aboutData = new ArrayList<>();
@@ -209,31 +209,31 @@ public class AppDashboardData implements Serializable
                 "startupTime",
                 DisplayElement.Type.timestamp,
                 l.forKey( "Field_StartTime" ),
-                JavaHelper.toIsoDate( pwmApplication.getStartupTime() )
+                JavaHelper.toIsoDate( pwmDomain.getStartupTime() )
         ) );
         aboutData.add( new DisplayElement(
                 "runningDuration",
                 DisplayElement.Type.string,
                 l.forKey( "Field_UpTime" ),
-                TimeDuration.fromCurrent( pwmApplication.getStartupTime() ).asLongString( locale )
+                TimeDuration.fromCurrent( pwmDomain.getStartupTime() ).asLongString( locale )
         ) );
         aboutData.add( new DisplayElement(
                 "installTime",
                 DisplayElement.Type.timestamp,
                 l.forKey( "Field_InstallTime" ),
-                JavaHelper.toIsoDate( pwmApplication.getInstallTime() )
+                JavaHelper.toIsoDate( pwmDomain.getInstallTime() )
         ) );
         aboutData.add( new DisplayElement(
                 "siteURL",
                 DisplayElement.Type.string,
                 l.forKey( "Field_SiteURL" ),
-                pwmApplication.getConfig().readSettingAsString( PwmSetting.PWM_SITE_URL )
+                pwmDomain.getConfig().readSettingAsString( PwmSetting.PWM_SITE_URL )
         ) );
         aboutData.add( new DisplayElement(
                 "instanceID",
                 DisplayElement.Type.string,
                 l.forKey( "Field_InstanceID" ),
-                pwmApplication.getInstanceID()
+                pwmDomain.getInstanceID()
         ) );
         aboutData.add( new DisplayElement(
                 "configRestartCounter",
@@ -251,10 +251,10 @@ public class AppDashboardData implements Serializable
         return Collections.unmodifiableList( aboutData );
     }
 
-    private static List<ServiceData> getServiceData( final PwmApplication pwmApplication )
+    private static List<ServiceData> getServiceData( final PwmDomain pwmDomain )
     {
         final Map<String, ServiceData> returnData = new TreeMap<>();
-        for ( final PwmService pwmService : pwmApplication.getPwmServices() )
+        for ( final PwmService pwmService : pwmDomain.getPwmServices() )
         {
             final PwmService.ServiceInfo serviceInfo = pwmService.serviceInfo();
             final Collection<DataStorageMethod> storageMethods = serviceInfo == null
@@ -281,35 +281,35 @@ public class AppDashboardData implements Serializable
         return Collections.unmodifiableList( new ArrayList<>( returnData.values() ) );
     }
 
-    private static List<DisplayElement> makeLocalDbInfo( final PwmApplication pwmApplication, final Locale locale )
+    private static List<DisplayElement> makeLocalDbInfo( final PwmDomain pwmDomain, final Locale locale )
             throws PwmUnrecoverableException
     {
         final List<DisplayElement> localDbInfo = new ArrayList<>();
-        final String notApplicable = Display.getLocalizedMessage( locale, Display.Value_NotApplicable, pwmApplication.getConfig() );
+        final String notApplicable = Display.getLocalizedMessage( locale, Display.Value_NotApplicable, pwmDomain.getConfig() );
         final PwmNumberFormat numberFormat = PwmNumberFormat.forLocale( locale );
 
         localDbInfo.add( new DisplayElement(
                 "worlistSize",
                 DisplayElement.Type.number,
                 "Word List Dictionary Size",
-                numberFormat.format( pwmApplication.getWordlistService().size() )
+                numberFormat.format( pwmDomain.getWordlistService().size() )
         ) );
 
         localDbInfo.add( new DisplayElement(
                 "seedlistSize",
                 DisplayElement.Type.number,
                 "Seed List Dictionary Size",
-                numberFormat.format( pwmApplication.getSeedlistManager().size() )
+                numberFormat.format( pwmDomain.getSeedlistManager().size() )
         ) );
 
         localDbInfo.add( new DisplayElement(
                 "sharedHistorySize",
                 DisplayElement.Type.number,
                 "Shared Password History Size",
-                numberFormat.format( pwmApplication.getSharedHistoryManager().size() )
+                numberFormat.format( pwmDomain.getSharedHistoryManager().size() )
         ) );
         {
-            final Instant oldestEntryAge = pwmApplication.getSharedHistoryManager().getOldestEntryTime();
+            final Instant oldestEntryAge = pwmDomain.getSharedHistoryManager().getOldestEntryTime();
             final String display = oldestEntryAge == null
                     ? notApplicable
                     : TimeDuration.fromCurrent( oldestEntryAge ).asCompactString();
@@ -324,28 +324,28 @@ public class AppDashboardData implements Serializable
                 "emailQueueSize",
                 DisplayElement.Type.number,
                 "Email Queue Size",
-                numberFormat.format( pwmApplication.getEmailQueue().queueSize() )
+                numberFormat.format( pwmDomain.getEmailQueue().queueSize() )
         ) );
         localDbInfo.add( new DisplayElement(
                 "smsQueueSize",
                 DisplayElement.Type.number,
                 "SMS Queue Size",
-                numberFormat.format( pwmApplication.getSmsQueue().queueSize() )
+                numberFormat.format( pwmDomain.getSmsQueue().queueSize() )
         ) );
         localDbInfo.add( new DisplayElement(
                 "sharedHistorySize",
                 DisplayElement.Type.number,
                 "Syslog Queue Size",
-                String.valueOf( pwmApplication.getAuditManager().syslogQueueSize() )
+                String.valueOf( pwmDomain.getAuditManager().syslogQueueSize() )
         ) );
         localDbInfo.add( new DisplayElement(
                 "localAuditRecords",
                 DisplayElement.Type.number,
                 "Audit Records",
-                pwmApplication.getAuditManager().sizeToDebugString()
+                pwmDomain.getAuditManager().sizeToDebugString()
         ) );
         {
-            final Instant eldestAuditRecord = pwmApplication.getAuditManager().eldestVaultRecord();
+            final Instant eldestAuditRecord = pwmDomain.getAuditManager().eldestVaultRecord();
             final String display = eldestAuditRecord != null
                     ? TimeDuration.fromCurrent( eldestAuditRecord ).asLongString()
                     : notApplicable;
@@ -360,11 +360,11 @@ public class AppDashboardData implements Serializable
                 "logEvents",
                 DisplayElement.Type.number,
                 "Log Events",
-                pwmApplication.getLocalDBLogger().sizeToDebugString()
+                pwmDomain.getLocalDBLogger().sizeToDebugString()
         ) );
         {
-            final String display = pwmApplication.getLocalDBLogger() != null && pwmApplication.getLocalDBLogger().getTailDate() != null
-                    ? TimeDuration.fromCurrent( pwmApplication.getLocalDBLogger().getTailDate() ).asLongString()
+            final String display = pwmDomain.getLocalDBLogger() != null && pwmDomain.getLocalDBLogger().getTailDate() != null
+                    ? TimeDuration.fromCurrent( pwmDomain.getLocalDBLogger().getTailDate() ).asLongString()
                     : notApplicable;
             localDbInfo.add( new DisplayElement(
                     "oldestLogEvents",
@@ -374,12 +374,12 @@ public class AppDashboardData implements Serializable
             ) );
         }
         {
-            final String display = pwmApplication.getLocalDB() == null
+            final String display = pwmDomain.getLocalDB() == null
                     ? notApplicable
-                    : pwmApplication.getLocalDB().getFileLocation() == null
+                    : pwmDomain.getLocalDB().getFileLocation() == null
                     ? notApplicable
                     : StringUtil.formatDiskSize( FileSystemUtility.getFileDirectorySize(
-                    pwmApplication.getLocalDB().getFileLocation() ) );
+                    pwmDomain.getLocalDB().getFileLocation() ) );
             localDbInfo.add( new DisplayElement(
                     "localDbSizeOnDisk",
                     DisplayElement.Type.string,
@@ -388,11 +388,11 @@ public class AppDashboardData implements Serializable
             ) );
         }
         {
-            final String display = pwmApplication.getLocalDB() == null
+            final String display = pwmDomain.getLocalDB() == null
                     ? notApplicable
-                    : pwmApplication.getLocalDB().getFileLocation() == null
+                    : pwmDomain.getLocalDB().getFileLocation() == null
                     ? notApplicable
-                    : StringUtil.formatDiskSize( FileSystemUtility.diskSpaceRemaining( pwmApplication.getLocalDB().getFileLocation() ) );
+                    : StringUtil.formatDiskSize( FileSystemUtility.diskSpaceRemaining( pwmDomain.getLocalDB().getFileLocation() ) );
             localDbInfo.add( new DisplayElement(
                     "localDbFreeSpace",
                     DisplayElement.Type.string,
@@ -405,12 +405,12 @@ public class AppDashboardData implements Serializable
     }
 
     private static Map<LocalDB.DB, String> makeLocalDbTableSizes(
-            final PwmApplication pwmApplication,
+            final PwmDomain pwmDomain,
             final Locale locale
     )
     {
         final Map<LocalDB.DB, String> returnData = new LinkedHashMap<>();
-        final LocalDB localDB = pwmApplication.getLocalDB();
+        final LocalDB localDB = pwmDomain.getLocalDB();
         final PwmNumberFormat numberFormat = PwmNumberFormat.forLocale( locale );
         try
         {
@@ -428,13 +428,13 @@ public class AppDashboardData implements Serializable
 
 
     private static List<DisplayElement> makeAboutJavaData(
-            final PwmApplication pwmApplication,
+            final PwmDomain pwmDomain,
             final Locale locale
     )
     {
-        final Map<PwmAboutProperty, String> aboutMap = PwmAboutProperty.makeInfoBean( pwmApplication );
+        final Map<PwmAboutProperty, String> aboutMap = PwmAboutProperty.makeInfoBean( pwmDomain );
         final List<DisplayElement> javaInfo = new ArrayList<>();
-        final String notApplicable = Display.getLocalizedMessage( locale, Display.Value_NotApplicable, pwmApplication.getConfig() );
+        final String notApplicable = Display.getLocalizedMessage( locale, Display.Value_NotApplicable, pwmDomain.getConfig() );
 
         {
             final List<PwmAboutProperty> interestedProperties = Arrays.asList(
@@ -467,8 +467,8 @@ public class AppDashboardData implements Serializable
         {
             final PwmNumberFormat numberFormat = PwmNumberFormat.forLocale( locale );
 
-            final String display = numberFormat.format( pwmApplication.getResourceServletService().itemsInCache() )
-                    + " items (" + numberFormat.format( pwmApplication.getResourceServletService().bytesInCache() ) + " bytes)";
+            final String display = numberFormat.format( pwmDomain.getResourceServletService().itemsInCache() )
+                    + " items (" + numberFormat.format( pwmDomain.getResourceServletService().bytesInCache() ) + " bytes)";
 
             javaInfo.add( new DisplayElement(
                     "resourceFileServletCacheSize",
@@ -482,11 +482,11 @@ public class AppDashboardData implements Serializable
                 "resourceFileServletCacheHitRatio",
                 DisplayElement.Type.string,
                 "ResourceFileServlet Cache Hit Ratio",
-                pwmApplication.getResourceServletService().cacheHitRatio().pretty( 2 )
+                pwmDomain.getResourceServletService().cacheHitRatio().pretty( 2 )
         ) );
 
         {
-            final Map<SessionTrackService.DebugKey, String> debugInfoMap = pwmApplication.getSessionTrackService().getDebugData();
+            final Map<SessionTrackService.DebugKey, String> debugInfoMap = pwmDomain.getSessionTrackService().getDebugData();
 
             javaInfo.add( new DisplayElement(
                     "sessionTotalSize",
@@ -523,21 +523,21 @@ public class AppDashboardData implements Serializable
     }
 
     private static List<NodeData> makeNodeData(
-            final PwmApplication pwmApplication,
+            final PwmDomain pwmDomain,
             final Locale locale
     )
     {
-        if ( pwmApplication.getClusterService().status() != PwmService.STATUS.OPEN )
+        if ( pwmDomain.getClusterService().status() != PwmService.STATUS.OPEN )
         {
             return Collections.emptyList();
         }
 
-        final String notApplicable = Display.getLocalizedMessage( locale, Display.Value_NotApplicable, pwmApplication.getConfig() );
+        final String notApplicable = Display.getLocalizedMessage( locale, Display.Value_NotApplicable, pwmDomain.getConfig() );
         final List<NodeData> nodeData = new ArrayList<>();
 
         try
         {
-            for ( final NodeInfo nodeInfo : pwmApplication.getClusterService().nodes() )
+            for ( final NodeInfo nodeInfo : pwmDomain.getClusterService().nodes() )
             {
 
                 final String uptime = nodeInfo.getStartupTime() == null

server/src/main/java/password/pwm/http/servlet/admin/UserDebugDataReader.java

@@ -22,7 +22,7 @@ package password.pwm.http.servlet.admin;
 
 import com.novell.ldapchai.exception.ChaiUnavailableException;
 import password.pwm.Permission;
-import password.pwm.PwmApplication;
+import password.pwm.PwmDomain;
 import password.pwm.bean.SessionLabel;
 import password.pwm.bean.UserIdentity;
 import password.pwm.bean.pub.PublicUserInfoBean;
@@ -55,7 +55,7 @@ public class UserDebugDataReader
     private static final PwmLogger LOGGER = PwmLogger.forClass( UserDebugDataReader.class );
 
     public static UserDebugDataBean readUserDebugData(
-            final PwmApplication pwmApplication,
+            final PwmDomain pwmDomain,
             final Locale locale,
             final SessionLabel sessionLabel,
             final UserIdentity userIdentity
@@ -64,16 +64,16 @@ public class UserDebugDataReader
     {
 
 
-        final UserInfo userInfo = UserInfoFactory.newUserInfoUsingProxyForOfflineUser( pwmApplication, sessionLabel, userIdentity );
+        final UserInfo userInfo = UserInfoFactory.newUserInfoUsingProxyForOfflineUser( pwmDomain, sessionLabel, userIdentity );
 
-        final Map<Permission, String> permissions = UserDebugDataReader.permissionMap( pwmApplication, sessionLabel, userIdentity );
+        final Map<Permission, String> permissions = UserDebugDataReader.permissionMap( pwmDomain, sessionLabel, userIdentity );
 
-        final Map<ProfileDefinition, String> profiles = UserDebugDataReader.profileMap( pwmApplication, sessionLabel, userIdentity );
+        final Map<ProfileDefinition, String> profiles = UserDebugDataReader.profileMap( pwmDomain, sessionLabel, userIdentity );
 
-        final PwmPasswordPolicy ldapPasswordPolicy = PasswordUtility.readLdapPasswordPolicy( pwmApplication, pwmApplication.getProxiedChaiUser( userIdentity ) );
+        final PwmPasswordPolicy ldapPasswordPolicy = PasswordUtility.readLdapPasswordPolicy( pwmDomain, pwmDomain.getProxiedChaiUser( userIdentity ) );
 
         final PwmPasswordPolicy configPasswordPolicy = PasswordUtility.determineConfiguredPolicyProfileForUser(
-                pwmApplication,
+                pwmDomain,
                 sessionLabel,
                 userIdentity,
                 locale
@@ -82,20 +82,20 @@ public class UserDebugDataReader
         boolean readablePassword = false;
         try
         {
-            readablePassword = null != LdapOperationsHelper.readLdapPassword( pwmApplication, sessionLabel, userIdentity );
+            readablePassword = null != LdapOperationsHelper.readLdapPassword( pwmDomain, sessionLabel, userIdentity );
         }
         catch ( final ChaiUnavailableException e )
         {
             /* disregard */
         }
 
-        final MacroRequest macroRequest = MacroRequest.forUser( pwmApplication, locale, sessionLabel, userIdentity );
+        final MacroRequest macroRequest = MacroRequest.forUser( pwmDomain, locale, sessionLabel, userIdentity );
 
-        final PwNotifyUserStatus pwNotifyUserStatus = readPwNotifyUserStatus( pwmApplication, userIdentity, sessionLabel );
+        final PwNotifyUserStatus pwNotifyUserStatus = readPwNotifyUserStatus( pwmDomain, userIdentity, sessionLabel );
 
         return UserDebugDataBean.builder()
                 .userInfo( userInfo )
-                .publicUserInfoBean( PublicUserInfoBean.fromUserInfoBean( userInfo, pwmApplication.getConfig(), locale, macroRequest ) )
+                .publicUserInfoBean( PublicUserInfoBean.fromUserInfoBean( userInfo, pwmDomain.getConfig(), locale, macroRequest ) )
                 .permissions( permissions )
                 .profiles( profiles )
                 .ldapPasswordPolicy( ldapPasswordPolicy )
@@ -108,7 +108,7 @@ public class UserDebugDataReader
 
 
     private static Map<Permission, String> permissionMap(
-            final PwmApplication pwmApplication,
+            final PwmDomain pwmDomain,
             final SessionLabel sessionLabel,
             final UserIdentity userIdentity
 
@@ -121,9 +121,9 @@ public class UserDebugDataReader
             final PwmSetting setting = permission.getPwmSetting();
             if ( !setting.isHidden() && !setting.getCategory().isHidden() && !setting.getCategory().hasProfiles() )
             {
-                final List<UserPermission> userPermission = pwmApplication.getConfig().readSettingAsUserPermission( permission.getPwmSetting() );
+                final List<UserPermission> userPermission = pwmDomain.getConfig().readSettingAsUserPermission( permission.getPwmSetting() );
                 final boolean result = UserPermissionUtility.testUserPermission(
-                        pwmApplication,
+                        pwmDomain,
                         sessionLabel,
                         userIdentity,
                         userPermission
@@ -136,7 +136,7 @@ public class UserDebugDataReader
     }
 
     private static Map<ProfileDefinition, String> profileMap(
-            final PwmApplication pwmApplication,
+            final PwmDomain pwmDomain,
             final SessionLabel sessionLabel,
             final UserIdentity userIdentity
     )
@@ -148,7 +148,7 @@ public class UserDebugDataReader
             if ( profileDefinition.getQueryMatch().isPresent() && profileDefinition.getProfileFactoryClass().isPresent() )
             {
                 ProfileUtility.discoverProfileIDForUser(
-                        pwmApplication,
+                        pwmDomain,
                         sessionLabel,
                         userIdentity,
                         profileDefinition
@@ -160,16 +160,16 @@ public class UserDebugDataReader
     }
 
     private static PwNotifyUserStatus readPwNotifyUserStatus(
-            final PwmApplication pwmApplication,
+            final PwmDomain pwmDomain,
             final UserIdentity userIdentity,
             final SessionLabel sessionLabel
     )
     {
-        if ( pwmApplication.getPwNotifyService().status() == PwmService.STATUS.OPEN )
+        if ( pwmDomain.getPwNotifyService().status() == PwmService.STATUS.OPEN )
         {
             try
             {
-                final Optional<PwNotifyUserStatus> value = pwmApplication.getPwNotifyService().readUserNotificationState( userIdentity, sessionLabel );
+                final Optional<PwNotifyUserStatus> value = pwmDomain.getPwNotifyService().readUserNotificationState( userIdentity, sessionLabel );
                 if ( value.isPresent() )
                 {
                     return value.get();

server/src/main/java/password/pwm/http/servlet/changepw/ChangePasswordServlet.java

@@ -23,7 +23,7 @@ package password.pwm.http.servlet.changepw;
 import com.novell.ldapchai.ChaiUser;
 import com.novell.ldapchai.exception.ChaiUnavailableException;
 import password.pwm.AppProperty;
-import password.pwm.PwmApplication;
+import password.pwm.PwmDomain;
 import password.pwm.bean.LocalSessionStateBean;
 import password.pwm.bean.LoginInfoBean;
 import password.pwm.config.PwmSetting;
@@ -508,8 +508,8 @@ public abstract class ChangePasswordServlet extends ControlledPwmServlet
     private void forwardToWaitPage( final PwmRequest pwmRequest )
             throws PwmUnrecoverableException, ServletException, IOException
     {
-        final PwmApplication pwmApplication = pwmRequest.getPwmApplication();
-        final ChangePasswordBean changePasswordBean = pwmApplication.getSessionStateService().getBean( pwmRequest, ChangePasswordBean.class );
+        final PwmDomain pwmDomain = pwmRequest.getPwmApplication();
+        final ChangePasswordBean changePasswordBean = pwmDomain.getSessionStateService().getBean( pwmRequest, ChangePasswordBean.class );
         final Instant maxCompleteTime = changePasswordBean.getChangePasswordMaxCompletion();
         pwmRequest.setAttribute(
                 PwmRequestAttribute.ChangePassword_MaxWaitSeconds,
@@ -529,10 +529,10 @@ public abstract class ChangePasswordServlet extends ControlledPwmServlet
             throws PwmUnrecoverableException, IOException, ServletException
     {
         final PwmSession pwmSession = pwmRequest.getPwmSession();
-        final PwmApplication pwmApplication = pwmRequest.getPwmApplication();
-        final ChangePasswordBean changePasswordBean = pwmApplication.getSessionStateService().getBean( pwmRequest, ChangePasswordBean.class );
+        final PwmDomain pwmDomain = pwmRequest.getPwmApplication();
+        final ChangePasswordBean changePasswordBean = pwmDomain.getSessionStateService().getBean( pwmRequest, ChangePasswordBean.class );
 
-        if ( !pwmApplication.getConfig().readSettingAsBoolean( PwmSetting.CHANGE_PASSWORD_ENABLE ) )
+        if ( !pwmDomain.getConfig().readSettingAsBoolean( PwmSetting.CHANGE_PASSWORD_ENABLE ) )
         {
             pwmRequest.respondWithError( new ErrorInformation(
                     PwmError.ERROR_SERVICE_NOT_AVAILABLE,

server/src/main/java/password/pwm/http/servlet/changepw/ChangePasswordServletUtil.java

@@ -23,11 +23,11 @@ package password.pwm.http.servlet.changepw;
 import com.novell.ldapchai.ChaiUser;
 import com.novell.ldapchai.exception.ChaiOperationException;
 import com.novell.ldapchai.exception.ChaiUnavailableException;
-import password.pwm.PwmApplication;
+import password.pwm.PwmDomain;
 import password.pwm.bean.EmailItemBean;
 import password.pwm.bean.LoginInfoBean;
 import password.pwm.bean.PasswordStatus;
-import password.pwm.config.Configuration;
+import password.pwm.config.DomainConfig;
 import password.pwm.config.PwmSetting;
 import password.pwm.config.option.RequireCurrentPasswordMode;
 import password.pwm.config.profile.ChangePasswordProfile;
@@ -148,7 +148,7 @@ public class ChangePasswordServletUtil
     )
             throws PwmUnrecoverableException
     {
-        final Configuration config = pwmRequest.getConfig();
+        final DomainConfig config = pwmRequest.getConfig();
         final Locale locale = pwmRequest.getLocale();
         final EmailItemBean configuredEmailSetting = config.readSettingAsEmail( PwmSetting.EMAIL_CHANGEPASSWORD, locale );
 
@@ -158,8 +158,8 @@ public class ChangePasswordServletUtil
             return;
         }
 
-        final PwmApplication pwmApplication = pwmRequest.getPwmApplication();
-        pwmApplication.getEmailQueue().submitEmail(
+        final PwmDomain pwmDomain = pwmRequest.getPwmApplication();
+        pwmDomain.getEmailQueue().submitEmail(
                 configuredEmailSetting,
                 pwmRequest.getPwmSession().getUserInfo(),
 
@@ -211,19 +211,19 @@ public class ChangePasswordServletUtil
     )
             throws ChaiUnavailableException, PwmUnrecoverableException, PwmOperationalException
     {
-        final PwmApplication pwmApplication = pwmRequest.getPwmApplication();
+        final PwmDomain pwmDomain = pwmRequest.getPwmApplication();
         final PwmSession pwmSession = pwmRequest.getPwmSession();
         // password accepted, setup change password
-        final ChangePasswordBean cpb = pwmApplication.getSessionStateService().getBean( pwmRequest, ChangePasswordBean.class );
+        final ChangePasswordBean cpb = pwmDomain.getSessionStateService().getBean( pwmRequest, ChangePasswordBean.class );
 
         // change password
-        PasswordUtility.setActorPassword( pwmRequest, pwmApplication, newPassword );
+        PasswordUtility.setActorPassword( pwmRequest, pwmDomain, newPassword );
 
         //init values for progress screen
         {
             final PasswordChangeProgressChecker.ProgressTracker tracker = new PasswordChangeProgressChecker.ProgressTracker();
             final PasswordChangeProgressChecker checker = new PasswordChangeProgressChecker(
-                    pwmApplication,
+                    pwmDomain,
                     ChangePasswordServlet.getProfile( pwmRequest ),
                     pwmRequest.getUserInfoIfLoggedIn(),
                     pwmRequest.getLabel(),
@@ -237,7 +237,7 @@ public class ChangePasswordServletUtil
         ChangePasswordServletUtil.sendChangePasswordEmailNotice( pwmRequest );
 
         // send audit event
-        pwmApplication.getAuditManager().submit( AuditEvent.CHANGE_PASSWORD, pwmSession.getUserInfo(), pwmSession );
+        pwmDomain.getAuditManager().submit( AuditEvent.CHANGE_PASSWORD, pwmSession.getUserInfo(), pwmSession );
     }
 
     static boolean warnPageShouldBeShown(

server/src/main/java/password/pwm/http/servlet/configeditor/ConfigEditorServlet.java

@@ -27,7 +27,7 @@ import password.pwm.PwmConstants;
 import password.pwm.bean.EmailItemBean;
 import password.pwm.bean.SmsItemBean;
 import password.pwm.bean.UserIdentity;
-import password.pwm.config.Configuration;
+import password.pwm.config.DomainConfig;
 import password.pwm.config.PwmSetting;
 import password.pwm.config.PwmSettingCategory;
 import password.pwm.config.PwmSettingTemplate;
@@ -567,7 +567,7 @@ public class ConfigEditorServlet extends ControlledPwmServlet
         final ConfigManagerBean configManagerBean = getBean( pwmRequest );
         LOGGER.debug( pwmRequest, () -> "beginning restLdapHealthCheck" );
         final String profileID = pwmRequest.readParameterAsString( "profile" );
-        final Configuration config = new Configuration( configManagerBean.getStoredConfiguration() );
+        final DomainConfig config = new DomainConfig( configManagerBean.getStoredConfiguration() );
         final HealthData healthData = LDAPHealthChecker.healthForNewConfiguration( pwmRequest.getPwmApplication(), config, pwmRequest.getLocale(), profileID, true, true );
         final RestResultBean restResultBean = RestResultBean.withData( healthData );
 
@@ -585,7 +585,7 @@ public class ConfigEditorServlet extends ControlledPwmServlet
         final Instant startTime = Instant.now();
         final ConfigManagerBean configManagerBean = getBean( pwmRequest );
         LOGGER.debug( pwmRequest, () -> "beginning restDatabaseHealthCheck" );
-        final Configuration config = new Configuration( configManagerBean.getStoredConfiguration() );
+        final DomainConfig config = new DomainConfig( configManagerBean.getStoredConfiguration() );
         final List<HealthRecord> healthRecords = DatabaseStatusChecker.checkNewDatabaseStatus( pwmRequest.getPwmApplication(), config );
         final HealthData healthData = HealthRecord.asHealthDataBean( config, pwmRequest.getLocale(), healthRecords );
         final RestResultBean restResultBean = RestResultBean.withData( healthData );
@@ -604,7 +604,7 @@ public class ConfigEditorServlet extends ControlledPwmServlet
         final ConfigManagerBean configManagerBean = getBean( pwmRequest );
         LOGGER.debug( pwmRequest, () -> "beginning restSmsHealthCheck" );
 
-        final Configuration config = new Configuration( configManagerBean.getStoredConfiguration() );
+        final DomainConfig config = new DomainConfig( configManagerBean.getStoredConfiguration() );
         final StringBuilder output = new StringBuilder();
         output.append( "beginning SMS send process:\n" );
 
@@ -657,19 +657,19 @@ public class ConfigEditorServlet extends ControlledPwmServlet
         final StringBuilder output = new StringBuilder();
         output.append( "beginning EMail send process:\n" );
 
-        final Configuration testConfiguration = new Configuration( configManagerBean.getStoredConfiguration() );
+        final DomainConfig testDomainConfig = new DomainConfig( configManagerBean.getStoredConfiguration() );
 
-        final EmailServerProfile emailServerProfile = testConfiguration.getEmailServerProfiles().get( profileID );
+        final EmailServerProfile emailServerProfile = testDomainConfig.getEmailServerProfiles().get( profileID );
         if ( emailServerProfile != null )
         {
-            final Optional<EmailServer> emailServer = EmailServerUtil.makeEmailServer( testConfiguration, emailServerProfile, null );
+            final Optional<EmailServer> emailServer = EmailServerUtil.makeEmailServer( testDomainConfig, emailServerProfile, null );
             if ( emailServer.isPresent() )
             {
                 final MacroRequest macroRequest = SampleDataGenerator.sampleMacroRequest( pwmRequest.getPwmApplication() );
 
                 try
                 {
-                    EmailService.sendEmailSynchronous( emailServer.get(), testConfiguration, testEmailItem, macroRequest );
+                    EmailService.sendEmailSynchronous( emailServer.get(), testDomainConfig, testEmailItem, macroRequest );
                    output.append( "message delivered" );
                 }
                 catch ( final PwmException e )

server/src/main/java/password/pwm/http/servlet/configeditor/ConfigEditorServletUtils.java

@@ -22,7 +22,7 @@ package password.pwm.http.servlet.configeditor;
 
 import password.pwm.AppProperty;
 import password.pwm.PwmConstants;
-import password.pwm.config.Configuration;
+import password.pwm.config.DomainConfig;
 import password.pwm.config.PwmSetting;
 import password.pwm.config.PwmSettingSyntax;
 import password.pwm.config.stored.StoredConfigItemKey;
@@ -162,7 +162,7 @@ public class ConfigEditorServletUtils
         {
             final Locale locale = pwmRequest.getLocale();
             final ConfigurationChecker configurationChecker = new ConfigurationChecker();
-            final Configuration config = new Configuration( configManagerBean.getStoredConfiguration() );
+            final DomainConfig config = new DomainConfig( configManagerBean.getStoredConfiguration() );
             final List<HealthRecord> healthRecords = configurationChecker.doHealthCheck(
                     config,
                     pwmRequest.getLocale()

server/src/main/java/password/pwm/http/servlet/configeditor/data/NavTreeDataMaker.java

@@ -20,10 +20,10 @@
 
 package password.pwm.http.servlet.configeditor.data;
 
-import password.pwm.PwmApplication;
+import password.pwm.PwmDomain;
 import password.pwm.PwmConstants;
 import password.pwm.PwmEnvironment;
-import password.pwm.config.Configuration;
+import password.pwm.config.DomainConfig;
 import password.pwm.config.PwmSetting;
 import password.pwm.config.PwmSettingCategory;
 import password.pwm.config.stored.StoredConfiguration;
@@ -55,7 +55,7 @@ public class NavTreeDataMaker
     private static final String ROOT_NODE_ID = "ROOT";
 
     public static List<NavTreeItem> makeNavTreeItems(
-            final PwmApplication pwmApplication,
+            final PwmDomain pwmDomain,
             final StoredConfiguration storedConfiguration,
             final NavTreeSettings navTreeSettings
     )
@@ -67,10 +67,10 @@ public class NavTreeDataMaker
         navigationData.add( makeRootNode() );
 
         // add setting nodes
-        navigationData.addAll( makeSettingNavItems( pwmApplication, storedConfiguration, navTreeSettings ) );
+        navigationData.addAll( makeSettingNavItems( pwmDomain, storedConfiguration, navTreeSettings ) );
 
         // add display text nodes
-        navigationData.addAll( makeDisplayTextNavItems( pwmApplication, storedConfiguration, navTreeSettings ) );
+        navigationData.addAll( makeDisplayTextNavItems( pwmDomain, storedConfiguration, navTreeSettings ) );
 
         NavTreeDataMaker.moveNavItemToTopOfList( PwmSettingCategory.NOTES.toString(), navigationData );
         NavTreeDataMaker.moveNavItemToTopOfList( PwmSettingCategory.TEMPLATES.toString(), navigationData );
@@ -90,7 +90,7 @@ public class NavTreeDataMaker
     }
 
     private static List<NavTreeItem> makeDisplayTextNavItems(
-            final PwmApplication pwmApplication,
+            final PwmDomain pwmDomain,
             final StoredConfiguration storedConfiguration,
             final NavTreeSettings navTreeSettings
     )
@@ -108,7 +108,7 @@ public class NavTreeDataMaker
                 if ( !localeBundle.isAdminOnly() )
                 {
                     final List<String> modifiedKeys = modifiedSettingsOnly
-                            ? new ArrayList<>( NavTreeDataMaker.determineModifiedDisplayKeysSettings( localeBundle, pwmApplication.getConfig(), storedConfiguration ) )
+                            ? new ArrayList<>( NavTreeDataMaker.determineModifiedDisplayKeysSettings( localeBundle, pwmDomain.getConfig(), storedConfiguration ) )
                             : Collections.emptyList();
 
                     if ( !modifiedSettingsOnly || !modifiedKeys.isEmpty() )
@@ -149,7 +149,7 @@ public class NavTreeDataMaker
 
     private static List<String> determineModifiedDisplayKeysSettings(
             final PwmLocaleBundle bundle,
-            final Configuration config,
+            final DomainConfig config,
             final StoredConfiguration storedConfiguration
     )
     {
@@ -181,7 +181,7 @@ public class NavTreeDataMaker
      * Produces a collection of {@code NavTreeItem}.
      */
     private static List<NavTreeItem> makeSettingNavItems(
-            final PwmApplication pwmApplication,
+            final PwmDomain pwmDomain,
             final StoredConfiguration storedConfiguration,
             final NavTreeSettings navTreeSettings
     )
@@ -194,7 +194,7 @@ public class NavTreeDataMaker
             if ( !loopCategory.hasProfiles() )
             {
                 // regular category, so output a standard nav tree item
-                if ( categoryMatcher( pwmApplication, loopCategory, null, storedConfiguration, navTreeSettings ) )
+                if ( categoryMatcher( pwmDomain, loopCategory, null, storedConfiguration, navTreeSettings ) )
                 {
                     navigationData.add( navTreeItemForCategory( loopCategory, locale, null ) );
                 }
@@ -242,7 +242,7 @@ public class NavTreeDataMaker
                 {
                     for ( final String profileId : profiles )
                     {
-                        if ( categoryMatcher( pwmApplication, loopCategory, profileId, storedConfiguration, navTreeSettings ) )
+                        if ( categoryMatcher( pwmDomain, loopCategory, profileId, storedConfiguration, navTreeSettings ) )
                         {
                             navigationData.add( navTreeItemForCategory( loopCategory, locale, profileId ) );
                         }
@@ -280,7 +280,7 @@ public class NavTreeDataMaker
     }
 
     private static boolean categoryMatcher(
-            final PwmApplication pwmApplication,
+            final PwmDomain pwmDomain,
             final PwmSettingCategory category,
             final String profile,
             final StoredConfiguration storedConfiguration,
@@ -294,7 +294,7 @@ public class NavTreeDataMaker
 
         if ( category == PwmSettingCategory.HTTPS_SERVER )
         {
-            if ( !pwmApplication.getPwmEnvironment().getFlags().contains( PwmEnvironment.ApplicationFlag.ManageHttps ) )
+            if ( !pwmDomain.getPwmEnvironment().getFlags().contains( PwmEnvironment.ApplicationFlag.ManageHttps ) )
             {
                 return false;
             }
@@ -302,7 +302,7 @@ public class NavTreeDataMaker
 
         for ( final PwmSettingCategory childCategory : category.getChildren() )
         {
-            if ( categoryMatcher( pwmApplication, childCategory, profile, storedConfiguration, navTreeSettings ) )
+            if ( categoryMatcher( pwmDomain, childCategory, profile, storedConfiguration, navTreeSettings ) )
             {
                 return true;
             }

server/src/main/java/password/pwm/http/servlet/configguide/ConfigGuideServlet.java

@@ -23,10 +23,10 @@ package password.pwm.http.servlet.configguide;
 import com.google.gson.reflect.TypeToken;
 import com.novell.ldapchai.exception.ChaiUnavailableException;
 import password.pwm.AppProperty;
-import password.pwm.PwmApplication;
+import password.pwm.PwmDomain;
 import password.pwm.PwmApplicationMode;
 import password.pwm.PwmConstants;
-import password.pwm.config.Configuration;
+import password.pwm.config.DomainConfig;
 import password.pwm.config.PwmSetting;
 import password.pwm.config.profile.LdapProfile;
 import password.pwm.config.stored.ConfigurationProperty;
@@ -149,16 +149,16 @@ public class ConfigGuideServlet extends ControlledPwmServlet
     @Override
     public ProcessStatus preProcessCheck( final PwmRequest pwmRequest ) throws PwmUnrecoverableException, IOException, ServletException
     {
-        final PwmApplication pwmApplication = pwmRequest.getPwmApplication();
+        final PwmDomain pwmDomain = pwmRequest.getPwmApplication();
 
-        if ( pwmApplication.getSessionStateService().getBean( pwmRequest, ConfigGuideBean.class ).getStep() == GuideStep.START )
+        if ( pwmDomain.getSessionStateService().getBean( pwmRequest, ConfigGuideBean.class ).getStep() == GuideStep.START )
         {
-            pwmApplication.getSessionStateService().clearBean( pwmRequest, ConfigGuideBean.class );
+            pwmDomain.getSessionStateService().clearBean( pwmRequest, ConfigGuideBean.class );
         }
 
-        final ConfigGuideBean configGuideBean = pwmApplication.getSessionStateService().getBean( pwmRequest, ConfigGuideBean.class );
+        final ConfigGuideBean configGuideBean = pwmDomain.getSessionStateService().getBean( pwmRequest, ConfigGuideBean.class );
 
-        if ( pwmApplication.getApplicationMode() != PwmApplicationMode.NEW )
+        if ( pwmDomain.getApplicationMode() != PwmApplicationMode.NEW )
         {
             final ErrorInformation errorInformation = new ErrorInformation( PwmError.ERROR_SERVICE_NOT_AVAILABLE, "ConfigGuide unavailable unless in NEW mode" );
             LOGGER.error( pwmRequest, () -> errorInformation.toDebugStr() );
@@ -181,7 +181,7 @@ public class ConfigGuideServlet extends ControlledPwmServlet
                 final URI ldapServerUri = new URI( ldapServerString );
                 if ( "ldaps".equalsIgnoreCase( ldapServerUri.getScheme() ) )
                 {
-                    final Configuration tempConfig = new Configuration( ConfigGuideForm.generateStoredConfig( configGuideBean ) );
+                    final DomainConfig tempConfig = new DomainConfig( ConfigGuideForm.generateStoredConfig( configGuideBean ) );
                     configGuideBean.setLdapCertificates( X509Utils.readRemoteCertificates( ldapServerUri, tempConfig ) );
                     configGuideBean.setCertsTrustedbyKeystore( X509Utils.testIfLdapServerCertsInDefaultKeystore( ldapServerUri ) );
                 }
@@ -231,14 +231,14 @@ public class ConfigGuideServlet extends ControlledPwmServlet
         final ConfigGuideBean configGuideBean = getBean( pwmRequest );
 
         final StoredConfiguration storedConfiguration = ConfigGuideForm.generateStoredConfig( configGuideBean );
-        final Configuration tempConfiguration = new Configuration( storedConfiguration );
-        final PwmApplication tempApplication = PwmApplication.createPwmApplication( pwmRequest.getPwmApplication()
+        final DomainConfig tempDomainConfig = new DomainConfig( storedConfiguration );
+        final PwmDomain tempApplication = PwmDomain.createPwmApplication( pwmRequest.getPwmApplication()
                 .getPwmEnvironment()
-                .makeRuntimeInstance( tempConfiguration ) );
+                .makeRuntimeInstance( tempDomainConfig ) );
 
         final LDAPHealthChecker ldapHealthChecker = new LDAPHealthChecker();
         final List<HealthRecord> records = new ArrayList<>();
-        final LdapProfile ldapProfile = tempConfiguration.getDefaultLdapProfile();
+        final LdapProfile ldapProfile = tempDomainConfig.getDefaultLdapProfile();
 
         switch ( configGuideBean.getStep() )
         {
@@ -264,7 +264,7 @@ public class ConfigGuideServlet extends ControlledPwmServlet
 
             case LDAP_PROXY:
             {
-                records.addAll( ldapHealthChecker.checkBasicLdapConnectivity( tempApplication, tempConfiguration, ldapProfile, false ) );
+                records.addAll( ldapHealthChecker.checkBasicLdapConnectivity( tempApplication, tempDomainConfig, ldapProfile, false ) );
                 if ( records.isEmpty() )
                 {
                     records.add( password.pwm.health.HealthRecord.forMessage( HealthMessage.LDAP_OK ) );
@@ -274,7 +274,7 @@ public class ConfigGuideServlet extends ControlledPwmServlet
 
             case LDAP_CONTEXT:
             {
-                records.addAll( ldapHealthChecker.checkBasicLdapConnectivity( tempApplication, tempConfiguration, ldapProfile, true ) );
+                records.addAll( ldapHealthChecker.checkBasicLdapConnectivity( tempApplication, tempDomainConfig, ldapProfile, true ) );
                 if ( records.isEmpty() )
                 {
                     records.add( HealthRecord.forMessage( HealthMessage.Config_SettingOk,
@@ -294,8 +294,8 @@ public class ConfigGuideServlet extends ControlledPwmServlet
                 final String testUserValue = configGuideBean.getFormData().get( ConfigGuideFormField.PARAM_LDAP_TEST_USER );
                 if ( testUserValue != null && !testUserValue.isEmpty() )
                 {
-                    records.addAll( ldapHealthChecker.checkBasicLdapConnectivity( tempApplication, tempConfiguration, ldapProfile, false ) );
-                    records.addAll( ldapHealthChecker.doLdapTestUserCheck( tempConfiguration, ldapProfile, tempApplication ) );
+                    records.addAll( ldapHealthChecker.checkBasicLdapConnectivity( tempApplication, tempDomainConfig, ldapProfile, false ) );
+                    records.addAll( ldapHealthChecker.doLdapTestUserCheck( tempDomainConfig, ldapProfile, tempApplication ) );
                 }
                 else
                 {
@@ -309,7 +309,7 @@ public class ConfigGuideServlet extends ControlledPwmServlet
 
             case DATABASE:
             {
-                records.addAll( DatabaseStatusChecker.checkNewDatabaseStatus( pwmRequest.getPwmApplication(), tempConfiguration ) );
+                records.addAll( DatabaseStatusChecker.checkNewDatabaseStatus( pwmRequest.getPwmApplication(), tempDomainConfig ) );
             }
             break;
 
@@ -318,7 +318,7 @@ public class ConfigGuideServlet extends ControlledPwmServlet
         }
 
         final HealthData jsonOutput = HealthData.builder()
-                .records( password.pwm.ws.server.rest.bean.HealthRecord.fromHealthRecords( records, pwmRequest.getLocale(), tempConfiguration ) )
+                .records( password.pwm.ws.server.rest.bean.HealthRecord.fromHealthRecords( records, pwmRequest.getLocale(), tempDomainConfig ) )
                 .timestamp( Instant.now() )
                 .overall( HealthMonitor.getMostSevereHealthStatus( records ).toString() )
                 .build();

server/src/main/java/password/pwm/http/servlet/configguide/ConfigGuideUtils.java

@@ -24,11 +24,11 @@ import com.novell.ldapchai.provider.ChaiConfiguration;
 import com.novell.ldapchai.provider.ChaiProvider;
 import com.novell.ldapchai.provider.ChaiSetting;
 import org.apache.commons.fileupload.servlet.ServletFileUpload;
-import password.pwm.PwmApplication;
+import password.pwm.PwmDomain;
 import password.pwm.PwmApplicationMode;
 import password.pwm.PwmConstants;
 import password.pwm.bean.UserIdentity;
-import password.pwm.config.Configuration;
+import password.pwm.config.DomainConfig;
 import password.pwm.config.PwmSetting;
 import password.pwm.config.function.UserMatchViewerFunction;
 import password.pwm.config.stored.ConfigurationProperty;
@@ -105,7 +105,7 @@ public class ConfigGuideUtils
             throws PwmOperationalException, PwmUnrecoverableException
     {
         final ConfigurationReader configReader = contextManager.getConfigReader();
-        final PwmApplication pwmApplication = contextManager.getPwmApplication();
+        final PwmDomain pwmDomain = contextManager.getPwmApplication();
 
         try
         {
@@ -113,7 +113,7 @@ public class ConfigGuideUtils
             // add a random security key
             StoredConfigurationUtil.initNewRandomSecurityKey( modifier );
 
-            configReader.saveConfiguration( modifier.newStoredConfiguration(), pwmApplication, null );
+            configReader.saveConfiguration( modifier.newStoredConfiguration(), pwmDomain, null );
 
             contextManager.requestPwmApplicationRestart();
         }
@@ -129,7 +129,7 @@ public class ConfigGuideUtils
     }
 
     public static SchemaOperationResult extendSchema(
-            final PwmApplication pwmApplication,
+            final PwmDomain pwmDomain,
             final ConfigGuideBean configGuideBean,
             final boolean doSchemaExtension
     )
@@ -151,7 +151,7 @@ public class ConfigGuideUtils
                     .setSetting( ChaiSetting.PROMISCUOUS_SSL, "true" )
                     .build();
 
-            final ChaiProvider chaiProvider = pwmApplication.getLdapConnectionService().getChaiProviderFactory().newProvider( chaiConfiguration );
+            final ChaiProvider chaiProvider = pwmDomain.getLdapConnectionService().getChaiProviderFactory().newProvider( chaiConfiguration );
             if ( doSchemaExtension )
             {
                 return SchemaManager.extendSchema( chaiProvider );
@@ -214,7 +214,7 @@ public class ConfigGuideUtils
 
         if ( Boolean.parseBoolean( formData.get( ConfigGuideFormField.PARAM_LDAP_SECURE ) ) )
         {
-            final Configuration tempConfig = new Configuration( ConfigGuideForm.generateStoredConfig( configGuideBean ) );
+            final DomainConfig tempConfig = new DomainConfig( ConfigGuideForm.generateStoredConfig( configGuideBean ) );
             X509Utils.readRemoteCertificates( host, port, tempConfig );
         }
     }
@@ -223,10 +223,10 @@ public class ConfigGuideUtils
     public static void restUploadConfig( final PwmRequest pwmRequest )
             throws PwmUnrecoverableException, IOException, ServletException
     {
-        final PwmApplication pwmApplication = pwmRequest.getPwmApplication();
+        final PwmDomain pwmDomain = pwmRequest.getPwmApplication();
         final HttpServletRequest req = pwmRequest.getHttpServletRequest();
 
-        if ( pwmApplication.getApplicationMode() == PwmApplicationMode.RUNNING )
+        if ( pwmDomain.getApplicationMode() == PwmApplicationMode.RUNNING )
         {
             final String errorMsg = "config upload is not permitted when in running mode";
             final ErrorInformation errorInformation = new ErrorInformation( PwmError.CONFIG_UPLOAD_FAILURE, errorMsg, new String[]
@@ -281,8 +281,8 @@ public class ConfigGuideUtils
         {
             final ConfigGuideBean configGuideBean = ConfigGuideServlet.getBean( pwmRequest );
             final Map<ConfigGuideFormField, String> form = configGuideBean.getFormData();
-            final PwmApplication tempApplication = PwmApplication.createPwmApplication(
-                    pwmRequest.getPwmApplication().getPwmEnvironment().makeRuntimeInstance( new Configuration( storedConfiguration ) ) );
+            final PwmDomain tempApplication = PwmDomain.createPwmApplication(
+                    pwmRequest.getPwmApplication().getPwmEnvironment().makeRuntimeInstance( new DomainConfig( storedConfiguration ) ) );
 
             final String adminDN = form.get( ConfigGuideFormField.PARAM_LDAP_ADMIN_USER );
             final UserIdentity adminIdentity = UserIdentity.createUserIdentity( adminDN, PwmConstants.PROFILE_ID_DEFAULT );

server/src/main/java/password/pwm/http/servlet/configmanager/ConfigManagerCertificatesServlet.java

@@ -23,7 +23,7 @@ package password.pwm.http.servlet.configmanager;
 import lombok.Builder;
 import lombok.Value;
 import password.pwm.PwmConstants;
-import password.pwm.config.Configuration;
+import password.pwm.config.DomainConfig;
 import password.pwm.config.PwmSetting;
 import password.pwm.config.PwmSettingSyntax;
 import password.pwm.config.stored.StoredConfigItemKey;
@@ -116,9 +116,9 @@ public class ConfigManagerCertificatesServlet extends AbstractPwmServlet
         pwmRequest.forwardToJsp( JspUrl.CONFIG_MANAGER_CERTIFICATES );
     }
 
-    List<CertificateDebugDataItem> makeCertificateDebugData( final Configuration configuration ) throws PwmUnrecoverableException
+    List<CertificateDebugDataItem> makeCertificateDebugData( final DomainConfig domainConfig ) throws PwmUnrecoverableException
     {
-        final StoredConfiguration storedConfiguration = configuration.getStoredConfiguration();
+        final StoredConfiguration storedConfiguration = domainConfig.getStoredConfiguration();
         final Set<StoredConfigItemKey> modifiedSettings = storedConfiguration.modifiedItems();
 
         final List<CertificateDebugDataItem> certificateDebugDataItems = new ArrayList<>();

server/src/main/java/password/pwm/http/servlet/configmanager/ConfigManagerLocalDBServlet.java

@@ -22,10 +22,10 @@ package password.pwm.http.servlet.configmanager;
 
 import org.apache.commons.fileupload.servlet.ServletFileUpload;
 import password.pwm.AppProperty;
-import password.pwm.PwmApplication;
+import password.pwm.PwmDomain;
 import password.pwm.PwmApplicationMode;
 import password.pwm.PwmConstants;
-import password.pwm.config.Configuration;
+import password.pwm.config.DomainConfig;
 import password.pwm.error.ErrorInformation;
 import password.pwm.error.PwmError;
 import password.pwm.error.PwmException;
@@ -159,10 +159,10 @@ public class ConfigManagerLocalDBServlet extends AbstractPwmServlet
             throws IOException, ServletException, PwmUnrecoverableException
 
     {
-        final PwmApplication pwmApplication = pwmRequest.getPwmApplication();
+        final PwmDomain pwmDomain = pwmRequest.getPwmApplication();
         final HttpServletRequest req = pwmRequest.getHttpServletRequest();
 
-        if ( pwmApplication.getApplicationMode() == PwmApplicationMode.RUNNING )
+        if ( pwmDomain.getApplicationMode() == PwmApplicationMode.RUNNING )
         {
             final String errorMsg = "database upload is not permitted when in running mode";
             final ErrorInformation errorInformation = new ErrorInformation( PwmError.CONFIG_UPLOAD_FAILURE, errorMsg, new String[]
@@ -188,13 +188,13 @@ public class ConfigManagerLocalDBServlet extends AbstractPwmServlet
         LocalDB localDB = null;
         try
         {
-            localDB = pwmApplication.getLocalDB();
-            final File localDBLocation = pwmApplication.getLocalDB().getFileLocation();
-            final Configuration configuration = pwmApplication.getConfig();
+            localDB = pwmDomain.getLocalDB();
+            final File localDBLocation = pwmDomain.getLocalDB().getFileLocation();
+            final DomainConfig domainConfig = pwmDomain.getConfig();
             contextManager.shutdown();
 
             localDB.close();
-            localDB = LocalDBFactory.getInstance( localDBLocation, false, null, configuration );
+            localDB = LocalDBFactory.getInstance( localDBLocation, false, null, domainConfig );
 
             final LocalDBUtility localDBUtility = new LocalDBUtility( localDB );
             LOGGER.info( pwmRequest, () -> "beginning LocalDB import" );

server/src/main/java/password/pwm/http/servlet/configmanager/ConfigManagerLoginServlet.java

@@ -25,7 +25,7 @@ import com.novell.ldapchai.exception.ChaiUnavailableException;
 import lombok.Value;
 import password.pwm.AppAttribute;
 import password.pwm.AppProperty;
-import password.pwm.PwmApplication;
+import password.pwm.PwmDomain;
 import password.pwm.PwmApplicationMode;
 import password.pwm.PwmConstants;
 import password.pwm.bean.UserIdentity;
@@ -135,7 +135,7 @@ public class ConfigManagerLoginServlet extends AbstractPwmServlet
     protected void processLoginRequest( final PwmRequest pwmRequest )
             throws PwmUnrecoverableException, IOException, ServletException
     {
-        final PwmApplication pwmApplication = pwmRequest.getPwmApplication();
+        final PwmDomain pwmDomain = pwmRequest.getPwmApplication();
         final ConfigurationReader runningConfigReader = ContextManager.getContextManager( pwmRequest.getHttpServletRequest().getSession() ).getConfigReader();
         final StoredConfiguration storedConfig = runningConfigReader.getStoredConfiguration();
 
@@ -152,8 +152,8 @@ public class ConfigManagerLoginServlet extends AbstractPwmServlet
             else
             {
                 LOGGER.trace( pwmRequest, () -> "configuration password is not correct" );
-                pwmApplication.getIntruderManager().convenience().markAddressAndSession( pwmRequest );
-                pwmApplication.getIntruderManager().mark( RecordType.USERNAME, PwmConstants.CONFIGMANAGER_INTRUDER_USERNAME, pwmRequest.getLabel() );
+                pwmDomain.getIntruderManager().convenience().markAddressAndSession( pwmRequest );
+                pwmDomain.getIntruderManager().mark( RecordType.USERNAME, PwmConstants.CONFIGMANAGER_INTRUDER_USERNAME, pwmRequest.getLabel() );
                 final ErrorInformation errorInformation = new ErrorInformation( PwmError.ERROR_PASSWORD_ONLY_BAD );
                 updateLoginHistory( pwmRequest, pwmRequest.getUserInfoIfLoggedIn(), false );
                 setLastError( pwmRequest, errorInformation );
@@ -256,12 +256,12 @@ public class ConfigManagerLoginServlet extends AbstractPwmServlet
             throws PwmUnrecoverableException, IOException
     {
         final ConfigManagerBean configManagerBean = pwmRequest.getPwmApplication().getSessionStateService().getBean( pwmRequest, ConfigManagerBean.class );
-        final PwmApplication pwmApplication = pwmRequest.getPwmApplication();
+        final PwmDomain pwmDomain = pwmRequest.getPwmApplication();
         final PwmSession pwmSession = pwmRequest.getPwmSession();
 
         configManagerBean.setPasswordVerified( true );
-        pwmApplication.getIntruderManager().convenience().clearAddressAndSession( pwmSession );
-        pwmApplication.getIntruderManager().clear( RecordType.USERNAME, PwmConstants.CONFIGMANAGER_INTRUDER_USERNAME );
+        pwmDomain.getIntruderManager().convenience().clearAddressAndSession( pwmSession );
+        pwmDomain.getIntruderManager().clear( RecordType.USERNAME, PwmConstants.CONFIGMANAGER_INTRUDER_USERNAME );
         pwmRequest.getPwmSession().getSessionStateBean().setSessionIdRecycleNeeded( true );
         if ( persistentLoginEnabled && "on".equals( pwmRequest.readParameterAsString( "remember" ) ) )
         {

server/src/main/java/password/pwm/http/servlet/configmanager/ConfigManagerServlet.java

@@ -25,7 +25,7 @@ import org.apache.commons.csv.CSVPrinter;
 import org.apache.commons.io.IOUtils;
 import password.pwm.AppProperty;
 import password.pwm.Permission;
-import password.pwm.PwmApplication;
+import password.pwm.PwmDomain;
 import password.pwm.PwmConstants;
 import password.pwm.config.stored.ConfigurationProperty;
 import password.pwm.config.stored.ConfigurationReader;
@@ -226,7 +226,7 @@ public class ConfigManagerServlet extends AbstractPwmServlet
     private void restLockConfiguration( final PwmRequest pwmRequest )
             throws IOException, ServletException, PwmUnrecoverableException, ChaiUnavailableException
     {
-        final PwmApplication pwmApplication = pwmRequest.getPwmApplication();
+        final PwmDomain pwmDomain = pwmRequest.getPwmApplication();
         final PwmSession pwmSession = pwmRequest.getPwmSession();
 
         if ( PwmConstants.TRIAL_MODE )
@@ -240,7 +240,7 @@ public class ConfigManagerServlet extends AbstractPwmServlet
         }
 
         if ( !pwmSession.isAuthenticated()
-                || !pwmSession.getSessionManager().checkPermission( pwmApplication, Permission.PWMADMIN ) )
+                || !pwmSession.getSessionManager().checkPermission( pwmDomain, Permission.PWMADMIN ) )
         {
             final ErrorInformation errorInfo = new ErrorInformation(
                     PwmError.ERROR_AUTHENTICATION_REQUIRED,

server/src/main/java/password/pwm/http/servlet/configmanager/ConfigManagerWordlistServlet.java

@@ -23,7 +23,7 @@ package password.pwm.http.servlet.configmanager;
 import lombok.Builder;
 import lombok.Value;
 import org.apache.commons.fileupload.servlet.ServletFileUpload;
-import password.pwm.PwmApplication;
+import password.pwm.PwmDomain;
 import password.pwm.PwmConstants;
 import password.pwm.error.ErrorInformation;
 import password.pwm.error.PwmError;
@@ -138,7 +138,7 @@ public class ConfigManagerWordlistServlet extends AbstractPwmServlet
             throws IOException, ServletException, PwmUnrecoverableException
 
     {
-        final PwmApplication pwmApplication = pwmRequest.getPwmApplication();
+        final PwmDomain pwmDomain = pwmRequest.getPwmApplication();
         final HttpServletRequest req = pwmRequest.getHttpServletRequest();
         final String wordlistTypeParam = pwmRequest.readParameterAsString( "wordlist" );
         final WordlistType wordlistType = WordlistType.valueOf( wordlistTypeParam );
@@ -163,7 +163,7 @@ public class ConfigManagerWordlistServlet extends AbstractPwmServlet
 
         try
         {
-            wordlistType.forType( pwmApplication ).populate( inputStream );
+            wordlistType.forType( pwmDomain ).populate( inputStream );
         }
         catch ( final PwmUnrecoverableException e )
         {

server/src/main/java/password/pwm/http/servlet/configmanager/DebugItemGenerator.java

@@ -26,11 +26,11 @@ import org.apache.commons.csv.CSVPrinter;
 import org.apache.commons.io.output.CountingOutputStream;
 import password.pwm.AppProperty;
 import password.pwm.PwmAboutProperty;
-import password.pwm.PwmApplication;
+import password.pwm.PwmDomain;
 import password.pwm.PwmConstants;
 import password.pwm.bean.SessionLabel;
 import password.pwm.bean.UserIdentity;
-import password.pwm.config.Configuration;
+import password.pwm.config.DomainConfig;
 import password.pwm.config.value.StoredValue;
 import password.pwm.config.stored.StoredConfigItemKey;
 import password.pwm.config.stored.StoredConfiguration;
@@ -126,20 +126,20 @@ public class DebugItemGenerator
             BuildInformationDebugItemGenerator.class
     ) );
 
-    private final PwmApplication pwmApplication;
-    private final Configuration obfuscatedConfiguration;
+    private final PwmDomain pwmDomain;
+    private final DomainConfig obfuscatedDomainConfig;
     private final SessionLabel sessionLabel;
 
     private static final Locale LOCALE = PwmConstants.DEFAULT_LOCALE;
 
-    public DebugItemGenerator( final PwmApplication pwmApplication, final SessionLabel sessionLabel )
+    public DebugItemGenerator( final PwmDomain pwmDomain, final SessionLabel sessionLabel )
             throws PwmUnrecoverableException
     {
-        this.pwmApplication = pwmApplication;
+        this.pwmDomain = pwmDomain;
         this.sessionLabel = sessionLabel;
 
-        final StoredConfiguration obfuscatedStoredConfig = StoredConfigurationUtil.copyConfigAndBlankAllPasswords( pwmApplication.getConfig().getStoredConfiguration() );
-        this.obfuscatedConfiguration = new Configuration( obfuscatedStoredConfig );
+        final StoredConfiguration obfuscatedStoredConfig = StoredConfigurationUtil.copyConfigAndBlankAllPasswords( pwmDomain.getConfig().getStoredConfiguration() );
+        this.obfuscatedDomainConfig = new DomainConfig( obfuscatedStoredConfig );
     }
 
     private String getFilenameBase()
@@ -158,7 +158,7 @@ public class DebugItemGenerator
         final String debugFileName = "zipDebugGeneration.csv";
         final Instant startTime = Instant.now();
         final DebugOutputBuilder debugGeneratorLogFile = new DebugOutputBuilder();
-        final DebugItemInput debugItemInput = new DebugItemInput( pwmApplication, sessionLabel, obfuscatedConfiguration );
+        final DebugItemInput debugItemInput = new DebugItemInput( pwmDomain, sessionLabel, obfuscatedDomainConfig );
         debugGeneratorLogFile.appendLine( "beginning debug output" );
         final String pathPrefix = getFilenameBase() + "/";
 
@@ -220,7 +220,7 @@ public class DebugItemGenerator
         @Override
         public void outputItem( final DebugItemInput debugItemInput, final OutputStream outputStream ) throws Exception
         {
-            final StoredConfiguration storedConfiguration = debugItemInput.getObfuscatedConfiguration().getStoredConfiguration();
+            final StoredConfiguration storedConfiguration = debugItemInput.getObfuscatedDomainConfig().getStoredConfiguration();
             final TreeMap<String, Object> outputObject = new TreeMap<>();
 
             for ( final StoredConfigItemKey storedConfigItemKey : storedConfiguration.modifiedItems() )
@@ -250,7 +250,7 @@ public class DebugItemGenerator
         public void outputItem( final DebugItemInput debugItemInput, final OutputStream outputStream ) throws Exception
         {
             final Locale locale = PwmConstants.DEFAULT_LOCALE;
-            final StoredConfiguration storedConfiguration = debugItemInput.getObfuscatedConfiguration().getStoredConfiguration();
+            final StoredConfiguration storedConfiguration = debugItemInput.getObfuscatedDomainConfig().getStoredConfiguration();
 
             final StringWriter writer = new StringWriter();
             writer.write( "Configuration Debug Output for "
@@ -292,7 +292,7 @@ public class DebugItemGenerator
         @Override
         public void outputItem( final DebugItemInput debugItemInput, final OutputStream outputStream ) throws Exception
         {
-            final StoredConfiguration storedConfiguration = debugItemInput.getObfuscatedConfiguration().getStoredConfiguration();
+            final StoredConfiguration storedConfiguration = debugItemInput.getObfuscatedDomainConfig().getStoredConfiguration();
 
             // temporary output stream required because .toXml closes stream.
             final ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
@@ -315,7 +315,7 @@ public class DebugItemGenerator
         public void outputItem( final DebugItemInput debugItemInput, final OutputStream outputStream ) throws Exception
         {
             final Properties outputProps = new JavaHelper.SortedProperties();
-            final Map<PwmAboutProperty, String> infoBean = PwmAboutProperty.makeInfoBean( debugItemInput.getPwmApplication() );
+            final Map<PwmAboutProperty, String> infoBean = PwmAboutProperty.makeInfoBean( debugItemInput.getPwmDomain() );
             outputProps.putAll( PwmAboutProperty.toStringMap( infoBean ) );
             outputProps.store( outputStream, JavaHelper.toIsoDate( Instant.now() ) );
         }
@@ -350,7 +350,7 @@ public class DebugItemGenerator
         public void outputItem( final DebugItemInput debugItemInput, final OutputStream outputStream ) throws Exception
         {
 
-            final Configuration config = debugItemInput.getObfuscatedConfiguration();
+            final DomainConfig config = debugItemInput.getObfuscatedDomainConfig();
             final Properties outputProps = new JavaHelper.SortedProperties();
 
             for ( final AppProperty appProperty : AppProperty.values() )
@@ -373,13 +373,13 @@ public class DebugItemGenerator
         @Override
         public void outputItem( final DebugItemInput debugItemInput, final OutputStream outputStream ) throws Exception
         {
-            final PwmApplication pwmApplication = debugItemInput.getPwmApplication();
+            final PwmDomain pwmDomain = debugItemInput.getPwmDomain();
             final LinkedHashMap<String, Object> outputMap = new LinkedHashMap<>();
 
             {
                 // services info
                 final LinkedHashMap<String, Object> servicesMap = new LinkedHashMap<>();
-                for ( final PwmService service : pwmApplication.getPwmServices() )
+                for ( final PwmService service : pwmDomain.getPwmServices() )
                 {
                     final LinkedHashMap<String, Object> serviceOutput = new LinkedHashMap<>();
                     serviceOutput.put( "name", service.getClass().getSimpleName() );
@@ -409,11 +409,11 @@ public class DebugItemGenerator
         public void outputItem( final DebugItemInput debugItemInput, final OutputStream outputStream ) throws Exception
         {
             final Locale locale = PwmConstants.DEFAULT_LOCALE;
-            final PwmApplication pwmApplication = debugItemInput.getPwmApplication();
-            final Set<HealthRecord> records = pwmApplication.getHealthMonitor().getHealthRecords();
+            final PwmDomain pwmDomain = debugItemInput.getPwmDomain();
+            final Set<HealthRecord> records = pwmDomain.getHealthMonitor().getHealthRecords();
 
             final List<HealthDebugInfo> outputInfos = new ArrayList<>();
-            records.forEach( healthRecord -> outputInfos.add( new HealthDebugInfo( healthRecord, healthRecord.getDetail( locale,  debugItemInput.obfuscatedConfiguration ) ) ) );
+            records.forEach( healthRecord -> outputInfos.add( new HealthDebugInfo( healthRecord, healthRecord.getDetail( locale,  debugItemInput.obfuscatedDomainConfig ) ) ) );
             final String recordJson = JsonUtil.serializeCollection( outputInfos, JsonUtil.Flag.PrettyPrint );
             outputStream.write( recordJson.getBytes( PwmConstants.DEFAULT_CHARSET ) );
         }
@@ -462,9 +462,9 @@ public class DebugItemGenerator
         public void outputItem( final DebugItemInput debugItemInput, final OutputStream outputStream ) throws Exception
         {
             final List<LdapDebugDataGenerator.LdapDebugInfo> ldapDebugInfos = LdapDebugDataGenerator.makeLdapDebugInfos(
-                    debugItemInput.getPwmApplication(),
+                    debugItemInput.getPwmDomain(),
                     debugItemInput.getSessionLabel(),
-                    debugItemInput.getObfuscatedConfiguration(),
+                    debugItemInput.getObfuscatedDomainConfig(),
                     LOCALE
             );
             final Writer writer = new OutputStreamWriter( outputStream, PwmConstants.DEFAULT_CHARSET );
@@ -485,15 +485,15 @@ public class DebugItemGenerator
         @Override
         public void outputItem( final DebugItemInput debugItemInput, final OutputStream outputStream ) throws Exception
         {
-            final PwmApplication pwmApplication = debugItemInput.getPwmApplication();
-            final File applicationPath = pwmApplication.getPwmEnvironment().getApplicationPath();
+            final PwmDomain pwmDomain = debugItemInput.getPwmDomain();
+            final File applicationPath = pwmDomain.getPwmEnvironment().getApplicationPath();
             final List<File> interestedFiles = new ArrayList<>(  );
 
-            if ( pwmApplication.getPwmEnvironment().getContextManager() != null )
+            if ( pwmDomain.getPwmEnvironment().getContextManager() != null )
             {
                 try
                 {
-                    final File webInfPath = pwmApplication.getPwmEnvironment().getContextManager().locateWebInfFilePath();
+                    final File webInfPath = pwmDomain.getPwmEnvironment().getContextManager().locateWebInfFilePath();
                     if ( webInfPath != null && webInfPath.exists() )
                     {
                         final File servletRootPath = webInfPath.getParentFile();
@@ -573,7 +573,7 @@ public class DebugItemGenerator
             final Instant startTime = Instant.now();
             final Function<PwmLogEvent, String> logEventFormatter = PwmLogEvent::toLogString;
 
-            outputLogs( debugItemInput.getPwmApplication(), outputStream, logEventFormatter );
+            outputLogs( debugItemInput.getPwmDomain(), outputStream, logEventFormatter );
             LOGGER.trace( () ->  "debug log output completed in ", () -> TimeDuration.fromCurrent( startTime ) );
         }
     }
@@ -592,27 +592,27 @@ public class DebugItemGenerator
             final Instant startTime = Instant.now();
             final Function<PwmLogEvent, String> logEventFormatter = pwmLogEvent -> JsonUtil.serialize( pwmLogEvent );
 
-            outputLogs( debugItemInput.getPwmApplication(), outputStream, logEventFormatter );
+            outputLogs( debugItemInput.getPwmDomain(), outputStream, logEventFormatter );
             LOGGER.trace( () ->  "debug json output completed in ", () -> TimeDuration.fromCurrent( startTime ) );
         }
     }
 
     private static void outputLogs(
-            final PwmApplication pwmApplication,
+            final PwmDomain pwmDomain,
             final OutputStream outputStream,
             final Function<PwmLogEvent, String> logEventFormatter
     )
             throws Exception
     {
-        final long maxByteCount = JavaHelper.silentParseLong( pwmApplication.getConfig().readAppProperty( AppProperty.CONFIG_MANAGER_ZIPDEBUG_MAXLOGBYTES ), 10_000_000 );
-        final int maxSeconds = JavaHelper.silentParseInt( pwmApplication.getConfig().readAppProperty( AppProperty.CONFIG_MANAGER_ZIPDEBUG_MAXLOGSECONDS ), 60 );
+        final long maxByteCount = JavaHelper.silentParseLong( pwmDomain.getConfig().readAppProperty( AppProperty.CONFIG_MANAGER_ZIPDEBUG_MAXLOGBYTES ), 10_000_000 );
+        final int maxSeconds = JavaHelper.silentParseInt( pwmDomain.getConfig().readAppProperty( AppProperty.CONFIG_MANAGER_ZIPDEBUG_MAXLOGSECONDS ), 60 );
         final LocalDBSearchQuery searchParameters = LocalDBSearchQuery.builder()
                 .minimumLevel( PwmLogLevel.TRACE )
                 .maxEvents( Integer.MAX_VALUE )
                 .maxQueryTime( TimeDuration.of( maxSeconds, TimeDuration.Unit.SECONDS ) )
                 .build();
 
-        final LocalDBSearchResults searchResults = pwmApplication.getLocalDBLogger().readStoredEvents( searchParameters );
+        final LocalDBSearchResults searchResults = pwmDomain.getLocalDBLogger().readStoredEvents( searchParameters );
         final CountingOutputStream countingOutputStream = new CountingOutputStream( outputStream );
 
         final Writer writer = new OutputStreamWriter( countingOutputStream, PwmConstants.DEFAULT_CHARSET );
@@ -643,7 +643,7 @@ public class DebugItemGenerator
         public void outputItem( final DebugItemInput debugItemInput, final OutputStream outputStream ) throws Exception
         {
 
-            final StoredConfiguration storedConfiguration = debugItemInput.getObfuscatedConfiguration().getStoredConfiguration();
+            final StoredConfiguration storedConfiguration = debugItemInput.getObfuscatedDomainConfig().getStoredConfiguration();
             final LDAPPermissionCalculator ldapPermissionCalculator = new LDAPPermissionCalculator( storedConfiguration );
 
             final CSVPrinter csvPrinter = JavaHelper.makeCsvPrinter( outputStream );
@@ -682,7 +682,7 @@ public class DebugItemGenerator
         @Override
         public void outputItem( final DebugItemInput debugItemInput, final OutputStream outputStream ) throws Exception
         {
-            final LocalDB localDB = debugItemInput.getPwmApplication().getLocalDB();
+            final LocalDB localDB = debugItemInput.getPwmDomain().getLocalDB();
             final Map<String, Serializable> serializableMap = localDB.debugInfo();
             outputStream.write( JsonUtil.serializeMap( serializableMap, JsonUtil.Flag.PrettyPrint ).getBytes( PwmConstants.DEFAULT_CHARSET ) );
         }
@@ -699,8 +699,8 @@ public class DebugItemGenerator
         @Override
         public void outputItem( final DebugItemInput debugItemInput, final OutputStream outputStream ) throws Exception
         {
-            final PwmApplication pwmApplication = debugItemInput.getPwmApplication();
-            pwmApplication.getSessionTrackService().outputToCsv( LOCALE, pwmApplication.getConfig(), outputStream );
+            final PwmDomain pwmDomain = debugItemInput.getPwmDomain();
+            pwmDomain.getSessionTrackService().outputToCsv( LOCALE, pwmDomain.getConfig(), outputStream );
         }
     }
 
@@ -715,14 +715,14 @@ public class DebugItemGenerator
         @Override
         public void outputItem( final DebugItemInput debugItemInput, final OutputStream outputStream ) throws Exception
         {
-            final PwmApplication pwmApplication = debugItemInput.getPwmApplication();
-            final List<UserIdentity> recentUsers = pwmApplication.getSessionTrackService().getRecentLogins();
+            final PwmDomain pwmDomain = debugItemInput.getPwmDomain();
+            final List<UserIdentity> recentUsers = pwmDomain.getSessionTrackService().getRecentLogins();
             final List<UserDebugDataBean> recentDebugBeans = new ArrayList<>();
 
             for ( final UserIdentity userIdentity : recentUsers )
             {
                 final UserDebugDataBean dataBean = UserDebugDataReader.readUserDebugData(
-                        pwmApplication,
+                        pwmDomain,
                         LOCALE,
                         debugItemInput.getSessionLabel(),
                         userIdentity
@@ -745,8 +745,8 @@ public class DebugItemGenerator
         @Override
         public void outputItem( final DebugItemInput debugItemInput, final OutputStream outputStream ) throws Exception
         {
-            final PwmApplication pwmApplication = debugItemInput.getPwmApplication();
-            final NodeService nodeService = pwmApplication.getClusterService();
+            final PwmDomain pwmDomain = debugItemInput.getPwmDomain();
+            final NodeService nodeService = pwmDomain.getClusterService();
 
             final Map<String, Serializable> debugOutput = new LinkedHashMap<>();
             debugOutput.put( "status", nodeService.status() );
@@ -772,8 +772,8 @@ public class DebugItemGenerator
         @Override
         public void outputItem( final DebugItemInput debugItemInput, final OutputStream outputStream ) throws Exception
         {
-            final PwmApplication pwmApplication = debugItemInput.getPwmApplication();
-            final CacheService cacheService = pwmApplication.getCacheService();
+            final PwmDomain pwmDomain = debugItemInput.getPwmDomain();
+            final CacheService cacheService = pwmDomain.getCacheService();
 
             final Map<String, Serializable> debugOutput = new LinkedHashMap<>( cacheService.debugInfo() );
             outputStream.write( JsonUtil.serializeMap( debugOutput, JsonUtil.Flag.PrettyPrint ).getBytes( PwmConstants.DEFAULT_CHARSET ) );
@@ -791,10 +791,10 @@ public class DebugItemGenerator
         @Override
         public void outputItem( final DebugItemInput debugItemInput, final OutputStream outputStream ) throws Exception
         {
-            final PwmApplication pwmApplication = debugItemInput.getPwmApplication();
-            final ContextManager contextManager = pwmApplication.getPwmEnvironment().getContextManager();
+            final PwmDomain pwmDomain = debugItemInput.getPwmDomain();
+            final ContextManager contextManager = pwmDomain.getPwmEnvironment().getContextManager();
             final AppDashboardData appDashboardData = AppDashboardData.makeDashboardData(
-                    pwmApplication,
+                    pwmDomain,
                     contextManager,
                     LOCALE
             );
@@ -814,8 +814,8 @@ public class DebugItemGenerator
         @Override
         public void outputItem( final DebugItemInput debugItemInput, final OutputStream outputStream ) throws Exception
         {
-            final PwmApplication pwmApplication = debugItemInput.getPwmApplication();
-            final StatisticsManager statsManager = pwmApplication.getStatisticsManager();
+            final PwmDomain pwmDomain = debugItemInput.getPwmDomain();
+            final StatisticsManager statsManager = pwmDomain.getStatisticsManager();
             statsManager.outputStatsToCsv( outputStream, LOCALE, true );
         }
     }
@@ -831,8 +831,8 @@ public class DebugItemGenerator
         @Override
         public void outputItem( final DebugItemInput debugItemInput, final OutputStream outputStream ) throws Exception
         {
-            final PwmApplication pwmApplication = debugItemInput.getPwmApplication();
-            final List<LdapConnectionService.ConnectionInfo> connectionInfos = pwmApplication.getLdapConnectionService().getConnectionInfos();
+            final PwmDomain pwmDomain = debugItemInput.getPwmDomain();
+            final List<LdapConnectionService.ConnectionInfo> connectionInfos = pwmDomain.getLdapConnectionService().getConnectionInfos();
             final Writer writer = new OutputStreamWriter( outputStream, PwmConstants.DEFAULT_CHARSET );
             writer.write( JsonUtil.serializeCollection( connectionInfos, JsonUtil.Flag.PrettyPrint ) );
             writer.flush();
@@ -850,8 +850,8 @@ public class DebugItemGenerator
         @Override
         public void outputItem( final DebugItemInput debugItemInput, final OutputStream outputStream ) throws Exception
         {
-            final PwmApplication pwmApplication = debugItemInput.getPwmApplication();
-            final StatisticsManager statsManager = pwmApplication.getStatisticsManager();
+            final PwmDomain pwmDomain = debugItemInput.getPwmDomain();
+            final StatisticsManager statsManager = pwmDomain.getStatisticsManager();
             final CSVPrinter csvPrinter = JavaHelper.makeCsvPrinter( outputStream );
             {
                 final List<String> headerRow = new ArrayList<>();
@@ -958,9 +958,9 @@ public class DebugItemGenerator
     @Value
     private static class DebugItemInput
     {
-        private final PwmApplication pwmApplication;
+        private final PwmDomain pwmDomain;
         private final SessionLabel sessionLabel;
-        private final Configuration obfuscatedConfiguration;
+        private final DomainConfig obfuscatedDomainConfig;
     }
 
 }

server/src/main/java/password/pwm/http/servlet/forgottenpw/ForgottenPasswordServlet.java

@@ -27,14 +27,14 @@ import com.novell.ldapchai.exception.ChaiOperationException;
 import com.novell.ldapchai.exception.ChaiUnavailableException;
 import com.novell.ldapchai.exception.ChaiValidationException;
 import password.pwm.AppProperty;
-import password.pwm.PwmApplication;
+import password.pwm.PwmDomain;
 import password.pwm.PwmConstants;
 import password.pwm.VerificationMethodSystem;
 import password.pwm.bean.LoginInfoBean;
 import password.pwm.bean.PasswordStatus;
 import password.pwm.bean.TokenDestinationItem;
 import password.pwm.bean.UserIdentity;
-import password.pwm.config.Configuration;
+import password.pwm.config.DomainConfig;
 import password.pwm.config.PwmSetting;
 import password.pwm.config.option.IdentityVerificationMethod;
 import password.pwm.config.option.RecoveryAction;
@@ -179,9 +179,9 @@ public class ForgottenPasswordServlet extends ControlledPwmServlet
     {
 
         final PwmSession pwmSession = pwmRequest.getPwmSession();
-        final PwmApplication pwmApplication = pwmRequest.getPwmApplication();
+        final PwmDomain pwmDomain = pwmRequest.getPwmApplication();
 
-        final Configuration config = pwmApplication.getConfig();
+        final DomainConfig config = pwmDomain.getConfig();
 
         final ForgottenPasswordBean forgottenPasswordBean = forgottenPasswordBean( pwmRequest );
         if ( !config.readSettingAsBoolean( PwmSetting.FORGOTTEN_PASSWORD_ENABLE ) )
@@ -198,7 +198,7 @@ public class ForgottenPasswordServlet extends ControlledPwmServlet
 
         if ( forgottenPasswordBean.getUserIdentity() != null )
         {
-            pwmApplication.getIntruderManager().convenience().checkUserIdentity( forgottenPasswordBean.getUserIdentity() );
+            pwmDomain.getIntruderManager().convenience().checkUserIdentity( forgottenPasswordBean.getUserIdentity() );
         }
 
         checkForLocaleSwitch( pwmRequest, forgottenPasswordBean );
@@ -392,7 +392,7 @@ public class ForgottenPasswordServlet extends ControlledPwmServlet
             throws ChaiUnavailableException, PwmUnrecoverableException, IOException, ServletException
     {
         final Locale userLocale = pwmRequest.getLocale();
-        final PwmApplication pwmApplication = pwmRequest.getPwmApplication();
+        final PwmDomain pwmDomain = pwmRequest.getPwmApplication();
 
         final String contextParam = pwmRequest.readParameterAsString( PwmConstants.PARAM_CONTEXT );
         final String ldapProfile = pwmRequest.readParameterAsString( PwmConstants.PARAM_LDAP_PROFILE );
@@ -413,7 +413,7 @@ public class ForgottenPasswordServlet extends ControlledPwmServlet
             }
         }
 
-        final List<FormConfiguration> forgottenPasswordForm = pwmApplication.getConfig().readSettingAsForm(
+        final List<FormConfiguration> forgottenPasswordForm = pwmDomain.getConfig().readSettingAsForm(
                 PwmSetting.FORGOTTEN_PASSWORD_SEARCH_FORM );
 
         Map<FormConfiguration, String> formValues = new LinkedHashMap<>();
@@ -424,17 +424,17 @@ public class ForgottenPasswordServlet extends ControlledPwmServlet
             formValues = FormUtility.readFormValuesFromRequest( pwmRequest, forgottenPasswordForm, userLocale );
 
             // check for intruder search values
-            pwmApplication.getIntruderManager().convenience().checkAttributes( formValues );
+            pwmDomain.getIntruderManager().convenience().checkAttributes( formValues );
 
             // see if the values meet the configured form requirements.
             FormUtility.validateFormValues( pwmRequest.getConfig(), formValues, userLocale );
 
             final String searchFilter;
             {
-                final String configuredSearchFilter = pwmApplication.getConfig().readSettingAsString( PwmSetting.FORGOTTEN_PASSWORD_SEARCH_FILTER );
+                final String configuredSearchFilter = pwmDomain.getConfig().readSettingAsString( PwmSetting.FORGOTTEN_PASSWORD_SEARCH_FILTER );
                 if ( configuredSearchFilter == null || configuredSearchFilter.isEmpty() )
                 {
-                    searchFilter = FormUtility.ldapSearchFilterForForm( pwmApplication, forgottenPasswordForm );
+                    searchFilter = FormUtility.ldapSearchFilterForForm( pwmDomain, forgottenPasswordForm );
                     LOGGER.trace( pwmRequest, () -> "auto generated ldap search filter: " + searchFilter );
                 }
                 else
@@ -446,7 +446,7 @@ public class ForgottenPasswordServlet extends ControlledPwmServlet
             // convert the username field to an identity
             final UserIdentity userIdentity;
             {
-                final UserSearchEngine userSearchEngine = pwmApplication.getUserSearchEngine();
+                final UserSearchEngine userSearchEngine = pwmDomain.getUserSearchEngine();
                 final SearchConfiguration searchConfiguration = SearchConfiguration.builder()
                         .filter( searchFilter )
                         .formValues( formValues )
@@ -462,13 +462,13 @@ public class ForgottenPasswordServlet extends ControlledPwmServlet
                 throw new PwmOperationalException( new ErrorInformation( PwmError.ERROR_CANT_MATCH_USER ) );
             }
 
-            AuthenticationUtility.checkIfUserEligibleToAuthentication( pwmApplication, userIdentity );
+            AuthenticationUtility.checkIfUserEligibleToAuthentication( pwmDomain, userIdentity );
 
             final ForgottenPasswordBean forgottenPasswordBean = forgottenPasswordBean( pwmRequest );
             ForgottenPasswordUtil.initForgottenPasswordBean( pwmRequest.getPwmRequestContext(), userIdentity, forgottenPasswordBean );
 
             // clear intruder search values
-            pwmApplication.getIntruderManager().convenience().clearAttributes( formValues );
+            pwmDomain.getIntruderManager().convenience().clearAttributes( formValues );
 
             return ProcessStatus.Continue;
         }
@@ -480,10 +480,10 @@ public class ForgottenPasswordServlet extends ControlledPwmServlet
                         PwmError.ERROR_RESPONSES_NORESPONSES,
                         e.getErrorInformation().getDetailedErrorMsg(), e.getErrorInformation().getFieldValues()
                 );
-                pwmApplication.getStatisticsManager().incrementValue( Statistic.RECOVERY_FAILURES );
+                pwmDomain.getStatisticsManager().incrementValue( Statistic.RECOVERY_FAILURES );
 
-                pwmApplication.getIntruderManager().convenience().markAddressAndSession( pwmRequest );
-                pwmApplication.getIntruderManager().convenience().markAttributes( formValues, pwmRequest.getLabel() );
+                pwmDomain.getIntruderManager().convenience().markAddressAndSession( pwmRequest );
+                pwmDomain.getIntruderManager().convenience().markAttributes( formValues, pwmRequest.getLabel() );
 
                 LOGGER.debug( pwmRequest, errorInfo );
                 setLastError( pwmRequest, errorInfo );
@@ -951,8 +951,8 @@ public class ForgottenPasswordServlet extends ControlledPwmServlet
     protected void nextStep( final PwmRequest pwmRequest )
             throws IOException, ServletException, PwmUnrecoverableException, ChaiUnavailableException
     {
-        final PwmApplication pwmApplication = pwmRequest.getPwmApplication();
-        final Configuration config = pwmRequest.getConfig();
+        final PwmDomain pwmDomain = pwmRequest.getPwmApplication();
+        final DomainConfig config = pwmRequest.getConfig();
         final ForgottenPasswordBean forgottenPasswordBean = forgottenPasswordBean( pwmRequest );
 
         final ForgottenPasswordBean.RecoveryFlags recoveryFlags = forgottenPasswordBean.getRecoveryFlags();
@@ -992,7 +992,7 @@ public class ForgottenPasswordServlet extends ControlledPwmServlet
             if ( !progress.getSatisfiedMethods().contains( IdentityVerificationMethod.PREVIOUS_AUTH ) )
             {
                 final UserIdentity userIdentity = forgottenPasswordBean.getUserIdentity();
-                final String userGuid = LdapOperationsHelper.readLdapGuidValue( pwmApplication, pwmRequest.getLabel(), userIdentity, true );
+                final String userGuid = LdapOperationsHelper.readLdapGuidValue( pwmDomain, pwmRequest.getLabel(), userIdentity, true );
                 if ( ForgottenPasswordUtil.checkAuthRecord( pwmRequest, userGuid ) )
                 {
                     LOGGER.debug( pwmRequest, () -> "marking " + IdentityVerificationMethod.PREVIOUS_AUTH + " method as satisfied" );
@@ -1163,19 +1163,19 @@ public class ForgottenPasswordServlet extends ControlledPwmServlet
     private void executeUnlock( final PwmRequest pwmRequest )
             throws IOException, ServletException, ChaiUnavailableException, PwmUnrecoverableException
     {
-        final PwmApplication pwmApplication = pwmRequest.getPwmApplication();
+        final PwmDomain pwmDomain = pwmRequest.getPwmApplication();
         final PwmSession pwmSession = pwmRequest.getPwmSession();
         final ForgottenPasswordBean forgottenPasswordBean = forgottenPasswordBean( pwmRequest );
         final UserIdentity userIdentity = forgottenPasswordBean.getUserIdentity();
 
         try
         {
-            final ChaiUser theUser = pwmApplication.getProxiedChaiUser( userIdentity );
+            final ChaiUser theUser = pwmDomain.getProxiedChaiUser( userIdentity );
             theUser.unlockPassword();
 
             // mark the event log
             final UserInfo userInfoBean = ForgottenPasswordUtil.readUserInfo( pwmRequest.getPwmRequestContext(), forgottenPasswordBean );
-            pwmApplication.getAuditManager().submit( AuditEvent.UNLOCK_PASSWORD, userInfoBean, pwmSession );
+            pwmDomain.getAuditManager().submit( AuditEvent.UNLOCK_PASSWORD, userInfoBean, pwmSession );
 
             ForgottenPasswordUtil.sendUnlockNoticeEmail( pwmRequest.getPwmRequestContext(), forgottenPasswordBean );
 
@@ -1198,7 +1198,7 @@ public class ForgottenPasswordServlet extends ControlledPwmServlet
     private void executeResetPassword( final PwmRequest pwmRequest )
             throws ChaiUnavailableException, IOException, ServletException, PwmUnrecoverableException
     {
-        final PwmApplication pwmApplication = pwmRequest.getPwmApplication();
+        final PwmDomain pwmDomain = pwmRequest.getPwmApplication();
         final PwmSession pwmSession = pwmRequest.getPwmSession();
         final ForgottenPasswordBean forgottenPasswordBean = forgottenPasswordBean( pwmRequest );
 
@@ -1208,7 +1208,7 @@ public class ForgottenPasswordServlet extends ControlledPwmServlet
         }
 
         final UserIdentity userIdentity = forgottenPasswordBean.getUserIdentity();
-        final ChaiUser theUser = pwmApplication.getProxiedChaiUser( userIdentity );
+        final ChaiUser theUser = pwmDomain.getProxiedChaiUser( userIdentity );
 
         try
         {
@@ -1226,7 +1226,7 @@ public class ForgottenPasswordServlet extends ControlledPwmServlet
         try
         {
             final SessionAuthenticator sessionAuthenticator = new SessionAuthenticator(
-                    pwmApplication,
+                    pwmDomain,
                     pwmRequest,
                     PwmAuthenticationSource.FORGOTTEN_PASSWORD
             );
@@ -1236,7 +1236,7 @@ public class ForgottenPasswordServlet extends ControlledPwmServlet
             LOGGER.info( pwmRequest, () -> "user successfully supplied password recovery responses, forward to change password page: " + theUser.getEntryDN() );
 
             // mark the event log
-            pwmApplication.getAuditManager().submit( AuditEvent.RECOVER_PASSWORD, pwmSession.getUserInfo(),
+            pwmDomain.getAuditManager().submit( AuditEvent.RECOVER_PASSWORD, pwmSession.getUserInfo(),
                     pwmSession );
 
             // mark user as requiring a new password.

server/src/main/java/password/pwm/http/servlet/forgottenpw/ForgottenPasswordStageProcessor.java

@@ -20,10 +20,10 @@
 
 package password.pwm.http.servlet.forgottenpw;
 
-import password.pwm.PwmApplication;
+import password.pwm.PwmDomain;
 import password.pwm.bean.PasswordStatus;
 import password.pwm.bean.SessionLabel;
-import password.pwm.config.Configuration;
+import password.pwm.config.DomainConfig;
 import password.pwm.config.PwmSetting;
 import password.pwm.config.option.IdentityVerificationMethod;
 import password.pwm.config.option.RecoveryAction;
@@ -137,9 +137,9 @@ class ForgottenPasswordStageProcessor
         {
             final ForgottenPasswordBean forgottenPasswordBean = stateMachine.getForgottenPasswordBean();
             final PwmRequestContext pwmRequestContext = stateMachine.getCommonValues();
-            final PwmApplication pwmApplication = pwmRequestContext.getPwmApplication();
+            final PwmDomain pwmDomain = pwmRequestContext.getPwmDomain();
             final SessionLabel sessionLabel = pwmRequestContext.getSessionLabel();
-            final Configuration config = pwmApplication.getConfig();
+            final DomainConfig config = pwmDomain.getConfig();
 
             final ForgottenPasswordBean.RecoveryFlags recoveryFlags = forgottenPasswordBean.getRecoveryFlags();
             final ForgottenPasswordBean.Progress progress = forgottenPasswordBean.getProgress();
@@ -149,7 +149,7 @@ class ForgottenPasswordStageProcessor
                 return Optional.of( ForgottenPasswordStage.VERIFICATION );
             }
 
-            final ForgottenPasswordProfile forgottenPasswordProfile = ForgottenPasswordUtil.forgottenPasswordProfile( pwmApplication, forgottenPasswordBean );
+            final ForgottenPasswordProfile forgottenPasswordProfile = ForgottenPasswordUtil.forgottenPasswordProfile( pwmDomain, forgottenPasswordBean );
             {
                 final Map<String, ForgottenPasswordProfile> profileIDList = config.getForgottenPasswordProfiles();
                 final String profileDebugMsg = forgottenPasswordProfile != null && profileIDList != null && profileIDList.size() > 1
@@ -323,13 +323,13 @@ class ForgottenPasswordStageProcessor
         {
             final ForgottenPasswordBean forgottenPasswordBean = stateMachine.getForgottenPasswordBean();
             final PwmRequestContext pwmRequestContext = stateMachine.getCommonValues();
-            final PwmApplication pwmApplication = pwmRequestContext.getPwmApplication();
+            final PwmDomain pwmDomain = pwmRequestContext.getPwmDomain();
             final SessionLabel sessionLabel = pwmRequestContext.getSessionLabel();
 
             if ( !forgottenPasswordBean.getProgress().isAllPassed() )
             {
                 forgottenPasswordBean.getProgress().setAllPassed( true );
-                pwmApplication.getStatisticsManager().incrementValue( Statistic.RECOVERY_SUCCESSES );
+                pwmDomain.getStatisticsManager().incrementValue( Statistic.RECOVERY_SUCCESSES );
             }
 
             final UserInfo userInfo = ForgottenPasswordUtil.readUserInfo( pwmRequestContext, forgottenPasswordBean );
@@ -339,7 +339,7 @@ class ForgottenPasswordStageProcessor
             }
 
             // check if user's pw is within min lifetime window
-            final ForgottenPasswordProfile forgottenPasswordProfile = ForgottenPasswordUtil.forgottenPasswordProfile( pwmApplication, forgottenPasswordBean );
+            final ForgottenPasswordProfile forgottenPasswordProfile = ForgottenPasswordUtil.forgottenPasswordProfile( pwmDomain, forgottenPasswordBean );
             final RecoveryMinLifetimeOption minLifetimeOption = forgottenPasswordProfile.readSettingAsEnum(
                     PwmSetting.RECOVERY_MINIMUM_PASSWORD_LIFETIME_OPTIONS,
                     RecoveryMinLifetimeOption.class
@@ -368,13 +368,13 @@ class ForgottenPasswordStageProcessor
         {
             final ForgottenPasswordBean forgottenPasswordBean = stateMachine.getForgottenPasswordBean();
             final PwmRequestContext pwmRequestContext = stateMachine.getCommonValues();
-            final PwmApplication pwmApplication = pwmRequestContext.getPwmApplication();
+            final PwmDomain pwmDomain = pwmRequestContext.getPwmDomain();
             final SessionLabel sessionLabel = pwmRequestContext.getSessionLabel();
-            final Configuration config = pwmApplication.getConfig();
+            final DomainConfig config = pwmDomain.getConfig();
 
             final UserInfo userInfo = ForgottenPasswordUtil.readUserInfo( pwmRequestContext, forgottenPasswordBean );
 
-            final ForgottenPasswordProfile forgottenPasswordProfile = ForgottenPasswordUtil.forgottenPasswordProfile( pwmApplication, forgottenPasswordBean );
+            final ForgottenPasswordProfile forgottenPasswordProfile = ForgottenPasswordUtil.forgottenPasswordProfile( pwmDomain, forgottenPasswordBean );
 
             final RecoveryMinLifetimeOption minLifetimeOption = forgottenPasswordProfile.readSettingAsEnum(
                     PwmSetting.RECOVERY_MINIMUM_PASSWORD_LIFETIME_OPTIONS,